mirror of
https://github.com/Crosstalk-Solutions/project-nomad.git
synced 2026-03-28 11:39:26 +01:00
fix(security): remove MySQL and Redis port exposure to host
MySQL (3306) and Redis (6379) were published to all host interfaces despite only being accessed by the admin container via Docker's internal network. Redis has no authentication, so anyone on the LAN could connect. Removes the port mappings — containers still communicate internally via Docker service names. Closes #279 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Chris Sherwood
parent
86575bfc73
commit
b0d7709a6c
|
|
@ -58,8 +58,6 @@ services:
|
|||
image: mysql:8.0
|
||||
container_name: nomad_mysql
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "3306:3306"
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=replaceme
|
||||
- MYSQL_DATABASE=nomad
|
||||
|
|
@ -76,8 +74,6 @@ services:
|
|||
image: redis:7-alpine
|
||||
container_name: nomad_redis
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "6379:6379"
|
||||
volumes:
|
||||
- /opt/project-nomad/redis:/data
|
||||
healthcheck:
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user