Closed phantie closed 1 year ago
Thank you for catching this. I believe the switch to localhost was intentional, but not the fact I didn't document the change. The traditional wisdom for databases is to not expose more than you expect. Pretty much every database out there is now configured by default to listen on localhost rather than unspecified, to prevent people from exposing databases to the internet that shouldn't be.
After thinking about it, however, I've decided that listening on unspecified is better for BonsaiDb. This is for a few reasons:
bonsaidb-server
, which means it can have its own listening configuration.All of this is to say I'm merging this PR. I just wanted to document why the default for BonsaiDb isn't localhost when it is generally considered a good security practice for database servers.
I do agree with you, and I'm glad it was of some use.
A breaking change was introduced in the commit a22d45966b0e89c34586ae76b5552c36746b016c, likely by mistake, because it's not mentioned in the CHANGELOG. Should be Ipv6Addr::UNSPECIFIED which stands for [0; 8], instead of Ipv6Addr::LOCALHOST. Strange that remote server by default would only listen on localhost.
Also, port 5645 instead of 5465. Easy to make a mistake here.