Files
2026-07-12 10:17:17 -04:00

29 lines
986 B
Markdown

# Cockpit Connectivity Notes
## Socket Activation (normal behavior)
Cockpit is socket-activated — `cockpit.socket` listens on `*:9090` and spawns `cockpit.service` on demand. Seeing `cockpit.service` as `inactive (dead)` is **normal** when no one is connected.
```
cockpit.socket → active (listening) on *:9090
cockpit.service → inactive (dead) — wakes on connection
```
## HTTPS required
Cockpit **refuses plain HTTP**. Always use `https://`:
- `https://<hostname>:9090`
- `http://<hostname>:9090` ✗ (connection refused or hangs)
## Self-signed certificate
Cockpit uses a self-signed cert by default. Browsers show a warning that must be bypassed (click "Advanced" → "Proceed").
## Tailscale access
With Tailscale installed on the server, access Cockpit via the Tailscale IP:
```
https://<tailscale-ip>:9090
```
No firewall changes needed — Cockpit listens on `*:9090` which includes the `tailscale0` interface. Same HTTPS + self-signed cert caveats apply.