Closed levi-pl closed 4 months ago
Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.
I was too quick. In recent versions you can override container exported ports and since those four are needed for minimal operations this makes my request invalid.
Expose argument is used mainly for documenting (like a label). It doesn't actually expose anything by itself.
Is this a new feature request?
Wanted change
Container by default exposes four ports. Below is excerpt from Dockerfile:
EXPOSE 8080 8443 8843 8880
I propose to remove this line so by default no ports are exposed because it is impossible to disable those exports when starting container.
docker-compose.yml entry:
ports:
- 127.0.0.1:8843:8843
still results in following mappings:
8443/tcp, 127.0.0.1:8843->8843/tcp
Reason for change
In docker it is impossible to "unexport" port defined in container. If for any reason you would like to configure container in more secure way you would have to block traffic using workarounds. Example scenarios are:
Proposed code change
Remove
EXPOSE 8080 8443 8843 8880
from Dockerfile