Skip to content

Commit

Permalink
move description to rest doc
Browse files Browse the repository at this point in the history
  • Loading branch information
@joaniefromtheblock
joaniefromtheblock committed Oct 21, 2024
1 parent cf78f88 commit 2fcb6ec
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 11 deletions.
14 changes: 3 additions & 11 deletions docs/reference/cli/index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2781,22 +2781,14 @@ This flag restricts the server's responding addresses, but not the client access
By default, Teku's REST API server responds only to requests where the `Host` header matches `localhost` or `127.0.0.1`.
If you specify values, the server will only respond to requests where the `Host` header matches one of the specified hosts or IP addresses.

::: tip
You can configure the API to listen on all network interfaces using [`rest-api-interface="0.0.0.0"`](#rest-api-interface) and allow connections from specific addresses by setting `rest-api-host-allowlist`. See [configure the API for network interfaces and host allowlist](../rest.md#configure-the-api-for-network-interfaces-and-host-allowlist) for more information.

Check failure on line 2784 in docs/reference/cli/index.md

View workflow job for this annotation

GitHub Actions / Lint

Line length 

docs/reference/cli/index.md:2784:201 MD013/line-length Line length [Expected: 200; Actual: 365] https://github.com/DavidAnson/markdownlint/blob/v0.35.0/doc/md013.md

:::tip

To allow all hostnames, use "*". We don't recommend allowing all hostnames for production environments.

Check failure on line 2788 in docs/reference/cli/index.md

View workflow job for this annotation

GitHub Actions / Spelling 

[vale] reported by reviewdog 🐶
[Microsoft.Quotes] Punctuation should be inside the quotes.

Raw Output:
{"message": "[Microsoft.Quotes] Punctuation should be inside the quotes.", "location": {"path": "docs/reference/cli/index.md", "range": {"start": {"line": 2788, "column": 29}}}, "severity": "ERROR"}

:::

You can configure the API to listen on all network interfaces using [`rest-api-interface="0.0.0.0"`](#rest-api-interface) and allow connections from specific addresses by setting `rest-api-host-allowlist`:

- When you configure the interface to listen on all available IP addresses (`rest-api-interface: "0.0.0.0"`) and allow all hosts
(`rest-api-host-allowlist: ["*"]`), it enables connections from any address, such as `localhost` (127.0.0.1) or a specific network IP such as `10.0.0.1`.
- If you set the API to listen only on a specific IP address, such as `rest-api-interface="10.0.0.1"`,
and still allow all hosts (`rest-api-host-allowlist: ["*"]`), only that IP address can connect, and any attempts from `localhost` will fail.
- Configuring the interface to listen on all IP addresses (`rest-api-interface: "0.0.0.0"`) but restricting the allowlist to `localhost` (`rest-api-host-allowlist: ["127.0.0.1"]`)
allows only `localhost` to connect, and other IP addresses, such as `10.0.0.1`, will receive a 403 error.
- If the API listens on `10.0.0.1` (`rest-api-interface: "10.0.0.1"`) but only allows `localhost` (`rest-api-host-allowlist: ["127.0.0.1"]`), neither can connect
- `localhost` can't reach the server, and `10.0.0.1` is blocked.

Check failure on line 2792 in docs/reference/cli/index.md

View workflow job for this annotation

GitHub Actions / Lint

Multiple consecutive blank lines 

docs/reference/cli/index.md:2792 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2] https://github.com/DavidAnson/markdownlint/blob/v0.35.0/doc/md012.md
:::warning

Expand Down
12 changes: 12 additions & 0 deletions docs/reference/rest.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,18 @@ curl -X GET "http://localhost:5051/eth/v1/node/identity"
</TabItem>
</Tabs>

### Configure the API for network interfaces and host allowlist

You can use the [`rest-api-host-allowlist`](cli/index.md#rest-api-host-allowlist) and [`rest-api-interface`](cli/index.md#rest-api-interface) options to control which hosts and network interfaces Teku's REST API responds to. Configure the API to listen on specific IP addresses or all interfaces with `rest-api-interface` and control which hosts can connect using `rest-api-host-allowlist`:

Check failure on line 72 in docs/reference/rest.md

View workflow job for this annotation

GitHub Actions / Lint

Line length 

docs/reference/rest.md:72:201 MD013/line-length Line length [Expected: 200; Actual: 390] https://github.com/DavidAnson/markdownlint/blob/v0.35.0/doc/md013.md


Check failure on line 74 in docs/reference/rest.md

View workflow job for this annotation

GitHub Actions / Lint

Multiple consecutive blank lines 

docs/reference/rest.md:74 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2] https://github.com/DavidAnson/markdownlint/blob/v0.35.0/doc/md012.md
| Configuration | Interface | Allowlist | Result |
|---------------|-----------|-----------|--------|
| Listen on all IP addresses and allow all hosts | `rest-api-interface="0.0.0.0"` | `rest-api-host-allowlist=["*"]` | Enables connections from any address, such as `localhost` (`127.0.0.1`) or `10.0.0.1`. |

Check failure on line 77 in docs/reference/rest.md

View workflow job for this annotation

GitHub Actions / Lint

Line length 

docs/reference/rest.md:77:201 MD013/line-length Line length [Expected: 200; Actual: 206] https://github.com/DavidAnson/markdownlint/blob/v0.35.0/doc/md013.md
| Listen on a specific IP address (`10.0.0.1`) and allow all hosts | `rest-api-interface="10.0.0.1"` | `rest-api-host-allowlist=["*"]` | Only the specified IP (`10.0.0.1`) can connect, and attempts from `localhost` (`127.0.0.1`) will fail. |

Check failure on line 78 in docs/reference/rest.md

View workflow job for this annotation

GitHub Actions / Lint

Line length 

docs/reference/rest.md:78:201 MD013/line-length Line length [Expected: 200; Actual: 241] https://github.com/DavidAnson/markdownlint/blob/v0.35.0/doc/md013.md
| Listen on all IP addresses but allow only `localhost` | `rest-api-interface="0.0.0.0"` | `rest-api-host-allowlist=["127.0.0.1"]` | Only `localhost` (`127.0.0.1`) can connect; other IP addresses (e.g., `10.0.0.1`) will receive a 403 error. |

Check failure on line 79 in docs/reference/rest.md

View workflow job for this annotation

GitHub Actions / Lint

Line length 

docs/reference/rest.md:79:201 MD013/line-length Line length [Expected: 200; Actual: 242] https://github.com/DavidAnson/markdownlint/blob/v0.35.0/doc/md013.md

Check failure on line 79 in docs/reference/rest.md

View workflow job for this annotation

GitHub Actions / Spelling 

[vale] reported by reviewdog 🐶
[Microsoft.Foreign] Use 'for example' instead of 'e.g.,'.

Raw Output:
{"message": "[Microsoft.Foreign] Use 'for example' instead of 'e.g.,'.", "location": {"path": "docs/reference/rest.md", "range": {"start": {"line": 79, "column": 198}}}, "severity": "ERROR"}
| Listen on a specific IP address (`10.0.0.1`) but allow only `localhost` (`127.0.0.1`) | `rest-api-interface="10.0.0.1"` | `rest-api-host-allowlist=["127.0.0.1"]` | Neither can connect. `localhost` cannot reach the server, and `10.0.0.1` is blocked. |

Check failure on line 80 in docs/reference/rest.md

View workflow job for this annotation

GitHub Actions / Lint

Line length 

docs/reference/rest.md:80:201 MD013/line-length Line length [Expected: 200; Actual: 252] https://github.com/DavidAnson/markdownlint/blob/v0.35.0/doc/md013.md

Check warning on line 80 in docs/reference/rest.md

View workflow job for this annotation

GitHub Actions / Spelling 

[vale] reported by reviewdog 🐶
[Microsoft.Contractions] Use 'can't' instead of 'cannot'.

Raw Output:
{"message": "[Microsoft.Contractions] Use 'can't' instead of 'cannot'.", "location": {"path": "docs/reference/rest.md", "range": {"start": {"line": 80, "column": 200}}}, "severity": "WARNING"}

## Enable the validator client API

The [validator client API](../how-to/use-external-signer/manage-keys.md) allows you to call the [key manager API endpoints](https://ethereum.github.io/keymanager-APIs/) and is enabled separately from the REST API methods.

Check failure on line 84 in docs/reference/rest.md

View workflow job for this annotation

GitHub Actions / Lint

Line length 

docs/reference/rest.md:84:201 MD013/line-length Line length [Expected: 200; Actual: 221] https://github.com/DavidAnson/markdownlint/blob/v0.35.0/doc/md013.md
Expand Down

0 comments on commit 2fcb6ec

Please sign in to comment.