From bc2c36b92fa759c335fd660d38362ff7b4dadc6a Mon Sep 17 00:00:00 2001 From: purple_emily Date: Sun, 4 Feb 2024 12:23:48 +0000 Subject: [PATCH 1/6] Close the external PostgreSQL port --- docker-compose.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/docker-compose.yaml b/docker-compose.yaml index b9dfd4e..d2bfdd4 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -39,8 +39,11 @@ services: - .env environment: PGUSER: postgres # needed for healthcheck. - ports: - - "5432:5432" + # # If you need the network to be accessible from outside, please open the below port. + # # Furthermore, please, please, please, change the username and password above. + # # If you want to enhance your security even more, create a new user for the database with a strong password. + # ports: + # - "5432:5432" volumes: - postgres:/var/lib/postgresql/data healthcheck: *postgresdb-health From 050c22e11e5ded9b5081f8d2b865127de9baf77a Mon Sep 17 00:00:00 2001 From: purple_emily Date: Sun, 4 Feb 2024 12:26:49 +0000 Subject: [PATCH 2/6] Change wording of security comment --- docker-compose.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yaml b/docker-compose.yaml index d2bfdd4..89e6864 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -39,7 +39,7 @@ services: - .env environment: PGUSER: postgres # needed for healthcheck. - # # If you need the network to be accessible from outside, please open the below port. + # # If you need the database to be accessible from outside, please open the below port. # # Furthermore, please, please, please, change the username and password above. # # If you want to enhance your security even more, create a new user for the database with a strong password. # ports: From 562713f7496685dc3397585c82faad847b49b82a Mon Sep 17 00:00:00 2001 From: purple_emily Date: Sun, 4 Feb 2024 12:28:17 +0000 Subject: [PATCH 3/6] Close the MongoDB port --- docker-compose.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/docker-compose.yaml b/docker-compose.yaml index 89e6864..7048f82 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -40,7 +40,7 @@ services: environment: PGUSER: postgres # needed for healthcheck. # # If you need the database to be accessible from outside, please open the below port. - # # Furthermore, please, please, please, change the username and password above. + # # Furthermore, please, please, please, change the username and password in the .env file. # # If you want to enhance your security even more, create a new user for the database with a strong password. # ports: # - "5432:5432" @@ -55,8 +55,10 @@ services: image: mongo:latest env_file: - .env - ports: - - "27017:27017" + # # If you need the database to be accessible from outside, please open the below port. + # # Furthermore, please, please, please, change the username and password in the .env file. + # ports: + # - "27017:27017" volumes: - mongo:/data/db restart: *restart-policy From f4df6e27a7b2fa62c4ac4e21e0ac6e89a9a29cf5 Mon Sep 17 00:00:00 2001 From: purple_emily Date: Sun, 4 Feb 2024 12:29:27 +0000 Subject: [PATCH 4/6] Close the ports for RabbitMQ --- docker-compose.yaml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/docker-compose.yaml b/docker-compose.yaml index 7048f82..5a466f4 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -68,10 +68,12 @@ services: rabbitmq: image: rabbitmq:3-management - ports: - - "5672:5672" - - "15672:15672" - - "15692:15692" + # # If you need the database to be accessible from outside, please open the below port. + # # Furthermore, please, please, please, look at the documentation for rabbit on how to secure the service. + # ports: + # - "5672:5672" + # - "15672:15672" + # - "15692:15692" volumes: - rabbitmq:/var/lib/rabbitmq restart: *restart-policy From 170d126fc9a9bb4f3e69c23ab5f1a8d63d1e864f Mon Sep 17 00:00:00 2001 From: purple_emily Date: Sun, 4 Feb 2024 12:38:30 +0000 Subject: [PATCH 5/6] Formatting --- docker-compose.yaml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/docker-compose.yaml b/docker-compose.yaml index 5a466f4..019b0f1 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -1,8 +1,7 @@ -version: '3.8' +version: "3.8" name: knightcrawler -x-restart: &restart-policy - "unless-stopped" +x-restart: &restart-policy "unless-stopped" x-basehealth: &base-health interval: 10s @@ -13,9 +12,9 @@ x-basehealth: &base-health x-rabbithealth: &rabbitmq-health test: rabbitmq-diagnostics -q ping <<: *base-health - + x-mongohealth: &mongodb-health - test: ["CMD","mongosh", "--eval", "db.adminCommand('ping')"] + test: ["CMD", "mongosh", "--eval", "db.adminCommand('ping')"] <<: *base-health x-postgreshealth: &postgresdb-health @@ -123,4 +122,4 @@ networks: volumes: postgres: mongo: - rabbitmq: \ No newline at end of file + rabbitmq: From 2b715b90a73f3692b74b42e5f9a49eab18209220 Mon Sep 17 00:00:00 2001 From: iPromKnight Date: Sun, 4 Feb 2024 15:51:37 +0000 Subject: [PATCH 6/6] Remove postgres exporter port bind --- docker-compose-metrics.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/docker-compose-metrics.yml b/docker-compose-metrics.yml index 27f58b9..709c979 100644 --- a/docker-compose-metrics.yml +++ b/docker-compose-metrics.yml @@ -29,8 +29,6 @@ services: postgres-exporter: image: prometheuscommunity/postgres-exporter - ports: - - "9187:9187" environment: DATA_SOURCE_NAME: "postgresql://postgres:postgres@postgres:5432/knightcrawler?sslmode=disable" networks: