Zenith Application Proxy
The Zenith application proxy is enabled by default in the reference configuration. To disable it, just set:
The only piece of configuration that is required for Zenith is a secret key that is used to sign and verify the single-use tokens issued by the registrar (see the Zenith architecture document for details):
zenith_registrar_subdomain_token_signing_key: "<some secret key>"
Tip
This key should be a long, random string - at least 32 bytes (256 bits) is recommended.
A suitable key can be generated using openssl rand -hex 32
.
Danger
This key should be kept secret. If you want to keep it in Git - which is recommended - then it must be encrypted.
SSHD port number
By default, the Zenith SSHD server will use port 22
on a dedicated IP address for a HA
deployment and port 2222
on the pre-allocated floating IP for a single node deployment
(port 22
is used for regular SSH to configure the node).
This can be changed using the following variable, if required:
Created: April 9, 2024