feat: leverage .env file

Yureien / YABin

Yet another pastebin, simple but feature-rich, along with a CLI client

https://bin.sohamsen.me/

MIT License

157 stars 22 forks source link

feat: leverage .env file #42

Closed corno-manso closed 7 months ago

corno-manso commented 7 months ago

prevent user from modifying docker-compose.yml
prevent user from building db url by itself, thanks to dotenv-expand

Yureien commented 7 months ago

Thanks for the PR, looks good to me!

I just had a small nitpick: should we be exposing the DB port by default in the compose file?

corno-manso commented 7 months ago

I've refactored code related to db port just so it is only ever exposed to other services and not the host. is that what you meant?

With that, if anyone were to remote connect to mongo: then they'd have to modify docker-compose.yml. Same for people running more than 1 instance of mongo at the same host.

It does add more security to it, indeed. It's less convenient, though.

I'd say exposing by default is better, since anyone self-hosting is supposed to have inbound firewall rules anyway.