github-actions[bot]
commented
4 months ago Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.
Closed levi-pl closed 4 months ago
github-actions[bot]
commented
4 months ago Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.
levi-pl
commented
4 months ago I was too quick. In recent versions you can override container exported ports and since those four are needed for minimal operations this makes my request invalid.
aptalca
commented
4 months ago Expose argument is used mainly for documenting (like a label). It doesn't actually expose anything by itself.
Is this a new feature request?
Wanted change
Container by default exposes four ports. Below is excerpt from Dockerfile:
EXPOSE 8080 8443 8843 8880I propose to remove this line so by default no ports are exposed because it is impossible to disable those exports when starting container.
docker-compose.yml entry:
ports:- 127.0.0.1:8843:8843still results in following mappings:
8443/tcp, 127.0.0.1:8843->8843/tcpReason for change
In docker it is impossible to "unexport" port defined in container. If for any reason you would like to configure container in more secure way you would have to block traffic using workarounds. Example scenarios are:
Proposed code change
Remove
EXPOSE 8080 8443 8843 8880from Dockerfile