heartwood every commit a ring
repos / analytics / log / 623dd679

Bind docker port to localhost only

623dd679 by Isaac Bythewood · 1 month ago 

Bind docker port to localhost only

Prevents Docker from exposing the app port publicly, bypassing Caddy
and the firewall. Only Caddy can reach the container now.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
modified docker-compose.yml 
@@ -6,7 +6,7 @@ services:    volumes:      - /srv/data/analytics/:/data/    ports:      - "${PORT}:${PORT}"      - "127.0.0.1:${PORT}:${PORT}"    command: >      gunicorn analytics.asgi:application --preload --workers 2 --max-requests 256      --timeout 30 --bind :${PORT} --worker-class uvicorn.workers.UvicornWorker
© 2026 Isaac Bythewood · Some rights reserved