Open mcantrell opened 1 week ago
Which API are you referring to? Sorry, not exactly understanding the main issue here.
The Docker container binds a Python FastAPI app to all network adapters and exposes the API security keys to everyone who has network access.

To limit the potential for security leaks, maybe the services should only be available over localhost until there is a method to secure the API.
Great call @mcantrell.

The original idea for the `getConfig` & `setConfig` routes was to make the onboarding experience smoother for running the full-stack app in development mode - i.e. so that developers getting started with the repo will have a clearer understanding (on the localhost:3000 frontend) of which `env` variables are required for which features of the app.

I wonder what it would take to make this "dev"=>"production" flow smoother.

Maybe an env variable `SERVER_MODE` which equals `development` or `production` & defaults to `development`.

When `SERVER_MODE="production"`, we could:

a) hide the `getConfig` & `setConfig` routes
b) hide the "API Variables" tab on the NextJS frontend
c) leverage the `docker networks` feature to restrict access to localhost:8000 (related note here)

True, we'll need to clarify the docs as well in the meantime, to raise a flag with users that would like to run on Linux.

Feel free to open a PR with whatever you have time budget for if you'd like to carve your name into the git tree.
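A check for the localhost-only publishing mentioned in (c), added here as an example and not part of this project's code: a stdlib-only Python helper that parses docker-compose short-syntax `ports:` entries and flags the ones published on every host interface. The sample entries are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample entries, as they would appear under a service's `ports:` key.
SAMPLE_PORTS = [
    "8000:8000",            # reachable on every host interface: the situation in this issue
    "0.0.0.0:3000:3000",    # explicitly every interface
    "127.0.0.1:8000:8000",  # loopback only: the proposed mitigation
    "[::1]:8000:8000",      # IPv6 loopback only
    "8000",                 # container port only; Docker picks a host port on every interface
    "5432:5432/tcp",
]

@dataclass
class PortPublish:
    spec: str
    host_ip: Optional[str]
    host_port: Optional[str]
    container_port: str
    protocol: str

def parse_port_spec(spec: str) -> PortPublish:
    """Parse `[host_ip:][host_port:]container_port[/protocol]`, bracketed IPv6 included."""
    body, _, proto = spec.partition("/")
    host_ip = None
    if body.startswith("["):  # e.g. "[::1]:8000:8000"
        end = body.index("]")
        host_ip, body = body[1:end], body[end + 2:]  # skip the closing "]:"
    parts = body.split(":")
    if len(parts) == 3:
        host_ip, host_port, container_port = parts
    elif len(parts) == 2:
        host_port, container_port = parts
    elif len(parts) == 1:
        host_port, container_port = None, parts[0]
    else:
        raise ValueError(f"unrecognised port spec: {spec!r}")
    return PortPublish(spec, host_ip, host_port, container_port, proto or "tcp")

def is_loopback_only(publish: PortPublish) -> bool:
    try:
        return ipaddress.ip_address(publish.host_ip or "").is_loopback
    except ValueError:  # no host IP, or not an IP literal: not proven loopback-only
        return False

def audit_ports(specs: List[str]) -> List[str]:
    """Return the entries that publish a container port beyond the loopback interface."""
    return [s for s in specs if not is_loopback_only(parse_port_spec(s))]
```

Publishing as `127.0.0.1:8000:8000` limits reachability on the host; inside the container uvicorn still has to listen on 0.0.0.0 for the port mapping to work, so the restriction belongs on the publish rather than on the app's bind address.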
I think that changing the settings to use localhost by default would be enough really. That would certainly go a long way.
Maybe the security part should be up to the developer. I think we're planning on making a fork of the API and making our own UI with Auth0 integration for security but that might not be everyone's cup of tea.
Given that the API provides endpoints (`getConfig`) to view secret keys, security seems necessary. The current documentation probably also needs to be updated to reflect that the server should not be openly exposed to the internet due to the security risk (until this feature is added).