this post was submitted on 28 Oct 2023
Self-Hosted Main

Basically, I have this doubt: I have some self-hosted services in Docker where I add the ports like this: host_port:container_port, so I don't specify the interface, so by default, it is 0.0.0.0.

Somebody recently told me that this is dangerous and that I expose my services to the public internet by doing this. I don't want to do that since I am the only one accessing them, so I just use a VPN to access them. So, to try this out, I typed in my browser my public IP alongside the host port I used for one of my services, but I cannot access it. This has me puzzled. How's the deal? Am I exposing it? Should I change it?

What are your thoughts? Thanks!

bloopernova@programming.dev 2 points 10 months ago

You're not exposing anything unless your router/firewall explicitly allows it.

0.0.0.0 just means "all addresses on this host". So binding to 0.0.0.0:80 means "listen on every IP address, TCP port 80".

So say you have a Linux box, and it has 4 network interfaces: 127.0.0.1 (localhost), 192.168.1.101 (main local network), 192.168.1.201 (second local network), and 172.16.10.1 (docker network).

If you run a service on the Linux box, and specify that it listens on 0.0.0.0:80, that service will bind to all of those addresses, and be accessible via 127.0.0.1:80, both 192 addresses, and the docker network address.

Now, if you run that same configuration in a docker container without the "-p host:container", it will bind to the address given to it in the docker network and only that address.

If you run that same container with the -p host:container, it will bind to and listen on all network addresses.

I hope that's understandable, I'm kinda out of it today so I hope I'm not too incoherent!
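An added example, not part of the thread or of either poster's setup: a small Python audit that parses Docker's short port syntax (`[host_ip:][host_port:]container_port[/proto]`) and reports which host addresses each mapping binds to. The function names and sample mappings are constructed for illustration, and it assumes the Docker daemon's default bind address has not been changed from 0.0.0.0.

```python
import ipaddress

def parse_port_spec(spec):
    """Split a short-syntax port mapping into its parts."""
    body, _, proto = spec.partition("/")
    host_ip = None
    if body.startswith("["):                 # bracketed IPv6, e.g. [::1]:8080:80
        host_ip, _, body = body[1:].partition("]")
        body = body.lstrip(":")
    parts = body.split(":")
    if len(parts) == 3 and host_ip is None:  # host_ip:host_port:container_port
        host_ip, host_port, container_port = parts
    elif len(parts) == 2:                    # host_port:container_port
        host_port, container_port = parts
    elif len(parts) == 1:                    # container_port only
        host_port, container_port = "", parts[0]
    else:
        raise ValueError(f"unrecognised port spec: {spec!r}")
    return {
        "host_ip": host_ip or "0.0.0.0",     # assumed daemon default
        "host_port": host_port or "ephemeral",
        "container_port": container_port,
        "proto": proto or "tcp",
    }

def bind_scope(spec):
    """Classify the host address a mapping listens on."""
    ip = ipaddress.ip_address(parse_port_spec(spec)["host_ip"])
    if ip.is_unspecified:                    # 0.0.0.0 or ::
        return "all-interfaces"
    if ip.is_loopback:                       # 127.0.0.0/8 or ::1
        return "loopback-only"
    return "single-address"

def audit(specs):
    """Return the mappings that listen on every host address."""
    return [s for s in specs if bind_scope(s) == "all-interfaces"]

# Constructed sample mappings, as they might appear under `ports:` or after -p.
SAMPLE = ["8080:80", "127.0.0.1:8081:80", "192.168.1.101:8443:443/tcp",
          "[::1]:9000:9000", "53/udp"]

if __name__ == "__main__":
    for s in SAMPLE:
        p = parse_port_spec(s)
        print(f"{s:30} -> {p['host_ip']}:{p['host_port']} ({bind_scope(s)})")
```

Mappings reported as all-interfaces can be narrowed by prefixing a host address, for example `127.0.0.1:8080:80`.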