diff options
| author | langfingaz <daniel@systemli.org> | 2019-07-20 01:58:36 +0300 |
|---|---|---|
| committer | nachoparker <nacho@ownyourbits.com> | 2019-07-20 19:46:33 +0300 |
| commit | 03713d6b0b90d427cd6751fd5e9f806e59b59708 (patch) | |
| tree | 80d6f2de48fa55ed72359f60a69441205af76b3f | |
| parent | 7663a90275f8cfe88e8a4bf8269032b3dc3cf7b8 (diff) | |
docker: Remove Expose Ports (#946)
If you start an docker image via docker or docker-compose all ports which are exposed through inside the Dockerfile are always opened! The user cannot disable it.
See "sudo docker ps" after starting nextcloudpi-docker: Ports 80, 443 and 4443 are always exposed on the host.
This even bypasses the UFW setup on the host system as docker directly modifies the ip tables. There exist some issues on the Docker repo discussing this problem. But the easiest "workaround" is not to force-expose any ports.
Launching the Docker image normally or via docker-compose should not be affected. If the user has for example "ports: \n - 80:80 \n - 443:443 \n - 4443:4443" included in his compose file, he won't notice this change.
What do you think of this? Is there any reason for not being able to expose the ports?
Greetings,
Daniel
| -rw-r--r-- | docker/nextcloudpi/Dockerfile | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/docker/nextcloudpi/Dockerfile b/docker/nextcloudpi/Dockerfile index a218992c..0112991f 100644 --- a/docker/nextcloudpi/Dockerfile +++ b/docker/nextcloudpi/Dockerfile @@ -68,6 +68,3 @@ echo "${ncp_ver}" > /usr/local/etc/ncp-version COPY docker/nextcloudpi/000ncp /etc/services-enabled.d/ COPY bin/ncp/CONFIG/nc-init.sh / COPY etc/ncp-config.d/nc-init.cfg /usr/local/etc/ncp-config.d/ - -# 4443 - ncp-web -EXPOSE 80 443 4443 |