From 816a128aaf963d72c4930852ce32b9a4e31924a1 Mon Sep 17 00:00:00 2001
From: Gus Eggert <gus@gus.dev>
Date: Wed, 9 Mar 2022 10:31:07 -0500
Subject: [PATCH] fix: listen on loopback for API and gateway ports in
 docker-compose.yaml (#8773)

---
 docker-compose.yaml | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/docker-compose.yaml b/docker-compose.yaml
index eaf947cb3..447a1474b 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -10,11 +10,18 @@ services:
     environment:
       - IPFS_PATH=/data/ipfs
     ports:
+      # Swarm listens on all interfaces, so is remotely reachable.
       - 4001:4001/tcp
       - 4001:4001/udp
-      - 5001:5001
-      - 8080:8080
-      - 8081:8081
+      
+      # The following ports only listen on the loopback interface, so are not remotely reachable by default.
+      # If you want to override these or add more ports, see https://docs.docker.com/compose/extends/ .
+      
+      # API port, which includes admin operations, so you probably don't want this remotely accessible.
+      - 127.0.0.1:5001:5001
+      
+      # HTTP Gateway
+      - 127.0.0.1:8080:8080
 volumes:
   ipfs_path:
   ipfs_fuse:
-- 
GitLab