glenn
/
asteroid
mirror of https://github.com/glenneth1/asteroid.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

docker port maps leak to external interface... 

Unless they are explicitly bound to loopback, which I thought was the
default, but it is not. likely related to the interface between
bridges and ip tables in the Linux kernel, but anyhow, get literal
about the portmap interface address to prevent exposing the database
to the entire internet. With thanks to the friendly heads up email
from the German Federal Republic via Hetzner.
This commit is contained in:
Brian O'Reilly 2026-03-13 17:21:22 -04:00
parent 5f9dc80ac8
commit 0a2ac0c409
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docker/docker-compose.yml
View File

@ -43,7 +43,7 @@ services:
- POSTGRES_USER=${ASTEROID_DB_USER:-asteroid}
- POSTGRES_PASSWORD=${ASTEROID_DB_PASSWORD:-asteroid_db_2025}
ports:
- "5432:5432"
- "127.0.0.1:5432:5432"
volumes:
- postgres-data:/var/lib/postgresql/data
- ./init-db.sql:/docker-entrypoint-initdb.d/init-db.sql:ro