From cb13bc9cfdf22a061fcd0ea79a88900410263aff Mon Sep 17 00:00:00 2001
From: glenneth <glennt40@gmail.com>
Date: Mon, 3 Nov 2025 20:44:28 +0300
Subject: [PATCH] fix: Revert Liquidsoap bind address to 0.0.0.0

As easilok correctly pointed out in IRC:
- Inside container: Liquidsoap must bind to 0.0.0.0 (all interfaces)
- Security is enforced by Docker port mapping: 127.0.0.1:1234:1234
- This prevents external access while allowing container functionality

The docker-compose.yml mapping is what provides security, not the
bind address inside the container.

Credit: easilok for the explanation and fix approach
---
 docker/asteroid-radio-docker.liq | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/docker/asteroid-radio-docker.liq b/docker/asteroid-radio-docker.liq
index b3cf6e2..c4bfd98 100644
--- a/docker/asteroid-radio-docker.liq
+++ b/docker/asteroid-radio-docker.liq
@@ -15,10 +15,11 @@ settings.frame.audio.channels.set(2)
 settings.audio.converter.samplerate.libsamplerate.quality.set("best")
 
 # Enable telnet server for remote control
-# Bind to 127.0.0.1 for security (only accessible from within container)
+# Bind to 0.0.0.0 inside container (Docker port mapping restricts external access)
+# Security is enforced by docker-compose.yml: "127.0.0.1:1234:1234"
 settings.server.telnet.set(true)
 settings.server.telnet.port.set(1234)
-settings.server.telnet.bind_addr.set("127.0.0.1")
+settings.server.telnet.bind_addr.set("0.0.0.0")
 
 # Get Icecast source password from environment variable
 # Falls back to default if not set (for development)