interledgerjs / tf-connector

Terraform config for deploying a tier-2 ILP connector
17 stars 6 forks source link

Mini accounts plugin listens on unavailable port #5

Open rhuairahrighairidh opened 6 years ago

rhuairahrighairidh commented 6 years ago

In launch.config.js (for tier 1 and 2) the mini accounts plugin is configured to listen on port 7768. However incoming connections are not allowed on this port. It looks like the only allowed ingress ports are 80 on the load balancer and 22 on the instance.

I'm not sure if websocket connections (from client btp plugins) should be sent through port 80 or if other ports should be opened up?

sharafian commented 6 years ago

Because the mini-accounts on here is given unlimited balance, it's intended as admin functionality and shouldn't be exposed publicly. Instead, if you're the admin, you can connect to it by SSH local port forwarding 7768 to your local machine, allowing you to access the port without exposing it publicly.

I briefly describe this in https://github.com/interledgerjs/tf-connector#access-your-connector but it could be better explained in the files so it doesn't cause confusion