search

home-assistant-libs / python-matter-server

Python server to interact with Matter
Apache License 2.0
519 stars 79 forks source link

How to secure python-matter-server in docker mode ? #959

Open zoic21 opened 1 week ago

zoic21 commented 1 week ago

Hello,

Thanks for this project I just test with a wifi plug and it's perfectly work. Currently I have HA deploy in docker (network mode host) and python-matter-server in docker also in network mode host like that : 

services:
  matter-server:
    image: ghcr.io/home-assistant-libs/python-matter-server:stable
    container_name: matter-server
    restart: always
    network_mode: host
    volumes:
      - /opt/docker/matter-server:/data/

But I wonder how I can secure this, I explain : python-matter-server open port 5580 for websoket but since I'am in docker host mode it's accessible for everybody on my LAN.

So do I need to have a firewall on my docker server to disallow port 5580 ? It's can work but it's not really a security... Or can I add authentification or apikey or somethings like that ?

Thanks in advance for your return.

kelvtech-co-uk commented 2 days ago

Hi, I shared the same concern so went looking for a solution... see this.