Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Restricting open ports in docker-services.yml only to localhost #254

Open
mesemus opened this issue Jan 8, 2023 · 1 comment
Open

Restricting open ports in docker-services.yml only to localhost #254

mesemus opened this issue Jan 8, 2023 · 1 comment

Comments

@mesemus
Copy link

mesemus commented Jan 8, 2023

Is your feature request related to a problem? Please describe.

In repository development I use the provided docker-services.yml to start up support services.
These by default bridge service ports to all interfaces which is a security risk.

Describe the solution you'd like

Prefix all bound ports with '127.0.0.1:' to bind them to localhost only.
To disable this (if there is a use case for this), add an option
to the cookiecutter (with the default set to localhost only).

Describe alternatives you've considered

Two service configs could be provided - one for secured development
and one for the scenario in which the ports have to be exposed to the
external world - but this would bring complexity to invenio-cli services
(selector which one to use).
@chriz-uniba
Copy link
Contributor

I agree - I already got warnings from our university-service that I exposed ports to the world while I was testing invenio...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mesemus @chriz-uniba