Im not entirely sure this belongs here; a feature requests for the API?
I would like to have password on the API. Its kinda dangerous to leave it open, someone could turn off the fans or whatever, and its extremely useful to have access to the API remotely
Yes the RPC API is part of cgminer and requests/discussions about it belong here.
Your 1st request is related to what I put into cgminer yesterday and will be available with the next release.
If you can't wait for the next release, you can download the latest git, compile it and have it already.
My change yesterday means that by default no-one can change anything, they can only view everything.
You must use the --api-allow to be able to grant access to commands that effect cgminer, and only the ip addresses/subnets that are specified with a "W:" on the front are given this extra write/privileged access.
The privileged commands will be: gpu settings, switchpool, save, quit & privileged.
(the last one is just a way to test if you are privileged)
So in the next version "--api-listen" or "--api-listen --api-network" give access to all of the other display commands only.
Aside: "--api-listen" is the same as "--api-listen --api-allow 127.0.0.1"
and "--api-listen --api-network" is the same as "--api-listen --api-allow 0/0"
In the next version to grant local access to all of the API:
"--api-listen --api-allow W:127.0.0.1"
In the next version to grant only the cgminer computer access to all of the API and read access to your local network:
"--api-listen --api-allow W:127.0.0.1,192.168.1/24"
In the next version to grant cgminer and local network access to all of the API and read access to the rest of the world:
"--api-listen --api-allow W:127.0.0.1,W:192.168.1/24,0/0"
Adding password access would be more that just a small effort for a few reasons:
1) It's pointless adding password access without data encryption since it defeats the purpose of having a password in the first places
2) If I add data encryption then the protocol used would need to be used by anyone wanting password encryption.
Not insurmountable, but also not a quick addition.
I would also like the possibility to manage pools via the API. Add, delete, enable/disable pools. If that's already possible, then perhaps I misread the documentation.
I someone can make this happen, Ill toss you a coin.
From the API you can only switch pools (switchpool|N) at the moment.
That is almost the equivalent of enable/disable if you are using the default "Failover" mode since in that mode it only mines on the pool with priority 0 unless there is trouble with it,
So a switchpool|N command makes that the active pool (and enables it) and thus makes the current active pool no long the active pool (but doesn't disable it)
Add/delete/disable is not currently available and is also I doubt a very quick addition.
You cannot delete a pool as such anyway - it would only be 'disable'
Adding a pool: I'd have to have a look at what issues that creates when cgminer is already running
(I've no idea at the moment)
If a few people were interested ... you'd have a better chance of redirecting my current development away from my multi-rig monitoring/notification standalone java tool I'm working slowly on ...
(yes while working on this I realised the recent changes were needed and would also resolve most all but encrypted/password access to the API)