Add option HTTP_BINDING_ADDRESS to control the bound IP address #665
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…eb interface is exposed.
|
Well, you can restrict the address in the docker-compose.yml: restricts it to 127.0.0.1. I am not sure about IPv6 though. Is that, what you meant? |
|
@DrMichael That works for docker, but I'm running on FreeBSD, based on the manual setup. |
|
Ah, I see... Just curious, you COULD run docker also on FreeBSD? |
|
Yes, in theory, but the prebuilt containers are all Linux-based so they will run under ABI emulation. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I couldn't find a way to force the http server to listen only on 127.0.0.1, so I've created this PR to add an environment variable
HTTP_BINDING_ADDRESSto control the bound IP address. This is useful for extra security when running behind a reverse proxy.The code overrides the
:inet6option because you can control the protocol by using the appropriate string, e.g.::1for IPv6.