-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow specifying bind-interface
via ENV variable
#58
Comments
Thanks for such a detailed issue. I'm happy to implement this. Would you like to submit a PR (so you're listed as a contributor), or would you like me to implement it? |
I've got a lot on my plate at the moment and would prefer to defer to you for implementation, but I appreciate the offer. Thanks for the quick reply and willingness to do it! |
This is also needed for podman, which does not use the proxy either. The proposed fix is not quite right, it should be |
Allows setting the `bind-interface` config option in fr24feed.ini to allow access from non-private IP addresses. Can be set to `0.0.0.0` to allow access from any IP address (warning, may be insecure). If env var is not set (default), the config option will not be added to the config file, which is a secure default. Fixes sdr-enthusiasts#58
Allows setting the `bind-interface` config option in fr24feed.ini to allow access from non-private IP addresses. Can be set to `0.0.0.0` to allow access from any IP address (warning, may be insecure). If env var is not set (default), the config option will not be added to the config file, which is a secure default. Fixes #58
Request (TL;DR)
Allow setting
bind-interface
in the config file via an environment variable, e.g. something like this:Why?
By default, the fr24feed program only allows access to its web interface from IP addresses in a private range. If you try to access the web interface from an IP address outside one of these ranges, the following message is displayed:
So why doesn't this affect all users of this container? By default, docker runs with a "userland proxy". This means any incoming connections to a container appear to come from the proxy's address, typically
172.16.0.x
(which is in the private range). So when running this container, most users' connections to the web-ui appears to come from an IP in the private range.However, I run docker without the userland proxy, so that my containers can see the real client IPs. I also access my container via the Tailscale VPN, which uses IP addresses outside the private range ref. So for my particular use case, I need to set the
bind-interface
variable in the config.Thanks!
The text was updated successfully, but these errors were encountered: