Change docker ip in port from 0.0.0.0 for supabase start local development.

[0xBigBoss]

is there anyway to change the binding IP for local supabase from 0.0.0.0 to 127.0.0.1?

supabase cli is also not respecting the /etc/docker/daemon.json default IP

[daniel-j-h]

Coming from https://github.com/supabase/cli/issues/1977

When running supabase start or supabase db start it looks like services are getting exposed on the network, such as the postgres database. I believe this is because when we start containers they bind to all network interfaces instead of just localhost

This is both unexpected and dangerous to have services exposed publicly on the network.

Especially because the locally running services are not secured in any way: someone in the same cafe Wifi as I am can run psql against my host and is in without any credentials

$ psql --host 192.168.2.101 --port 54322 --user postgres

psql (15.5 (Ubuntu 15.5-1.pgdg20.04+1), server 15.1 (Ubuntu 15.1-1.pgdg20.04+1))
Type "help" for help.

postgres=>

This works, I just tested it from a second computer to get access to my laptop's supabase stack running from supabase start

---

Ideally we'd expose services only on localhost - the equivalent of

docker run -p 127.0.0.1:54322:54322

Here's an idea how it could work

• By default all sub-commands starting services start them on 127.0.0.1 only
• Sub-commands starting services get a flag like --host 0.0.0.0 or a binary flag like --expose-publicly

[jmath3912]

any updates regarding this? i find it odd that supabase says its listening on localhost when its really listening on all interfaces

[sweatybridge]

Binding only to localhost interface is now possible in beta release with custom docker network support. For eg.

docker network create -o 'com.docker.network.bridge.host_binding_ipv4=127.0.0.1' local-network
npx supabase@beta start --network-id local-network