Ajout de BIND_ADDRESS pour le déploiement derrière un reverse-proxy distant
Permet de restreindre l'écoute à l'interface réseau exposée au reverse-proxy, sans toucher aux interfaces non concernées (ex. loopback, interfaces LAN). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -34,6 +34,18 @@ INITIAL_ADMIN_PASSWORD=
|
||||
# ALLOWED_ORIGINS= (empty — disables CORS headers)
|
||||
ALLOWED_ORIGINS=*
|
||||
|
||||
# ── Bind address ─────────────────────────────────────────────────────────────
|
||||
# IP address the application listens on (port 8080).
|
||||
# Default: 0.0.0.0 (all interfaces).
|
||||
# Set to the IP of the interface facing the reverse proxy when the reverse proxy
|
||||
# runs on a separate machine — avoids exposing the app on unintended interfaces.
|
||||
#
|
||||
# Examples:
|
||||
# BIND_ADDRESS=0.0.0.0 (default — all interfaces)
|
||||
# BIND_ADDRESS=192.168.1.10 (LAN interface only)
|
||||
# BIND_ADDRESS=127.0.0.1 (loopback — reverse proxy on the same host)
|
||||
BIND_ADDRESS=0.0.0.0
|
||||
|
||||
# ── Container user IDs ───────────────────────────────────────────────────────
|
||||
# UID and GID used to run the backend process inside the container.
|
||||
# Must match the host user owning ./db_data/ to allow read/write on the
|
||||
|
||||
Reference in New Issue
Block a user