glenn
/
asteroid
mirror of https://github.com/glenneth1/asteroid.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

docker port maps leak to external interface... 

Unless they are explicitly bound to loopback, which I thought was the
default, but it is not. likely related to the interface between
bridges and ip tables in the Linux kernel, but anyhow, get literal
about the portmap interface address to prevent exposing the database
to the entire internet. With thanks to the friendly heads up email
from the German Federal Republic via Hetzner.
This commit is contained in:
Brian O'Reilly 2026-03-13 17:21:22 -04:00 committed by Glenn Thompson
parent 5d7606fb3b
commit 4f7b63e1b9
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docker/docker-compose.yml
View File

@ -7,7 +7,7 @@ services:
- POSTGRES_USER=${ASTEROID_DB_USER:-asteroid}
- POSTGRES_PASSWORD=${ASTEROID_DB_PASSWORD:-asteroid_db_2025}
ports:
- "5432:5432"
- "127.0.0.1:5432:5432"
volumes:
- postgres-data:/var/lib/postgresql/data
- ./init-db.sql:/docker-entrypoint-initdb.d/init-db.sql:ro