Make supervisor inet_http_server expose only few api methods
sridhar562345 opened this issue · 1 comments
I want to restrict the supervisor accessible API methods. For example, I want to expose the status API only to get the status of a given process.
Is it possible or not?
TIA
I want to restrict the supervisor accessible API methods. For example, I want to expose the status API only to get the status of a given process.
Is it possible or not?
No, there are no options to selectively remove parts of the API. Please use another program if you need security features like this. supervisord is suitable for use within a trusted environment only.
http://supervisord.org/configuration.html#inet-http-server-section-settings
Warning
The inet HTTP server is not enabled by default. If you choose to enable it, please read the following security warning. The inet HTTP server is intended for use within a trusted environment only. It should only be bound to localhost or only accessible from within an isolated, trusted network. The inet HTTP server does not support any form of encryption. The inet HTTP server does not use authentication by default (see the username= and password= options). The inet HTTP server can be controlled remotely from supervisorctl. It also serves a web interface that allows subprocesses to be started or stopped, and subprocess logs to be viewed. Never expose the inet HTTP server to the public internet.