diff --git a/deploy/app.env.example b/deploy/app.env.example index bae6a379f..b3a2dc15b 100644 --- a/deploy/app.env.example +++ b/deploy/app.env.example @@ -12,6 +12,9 @@ SECRET_KEY="TODO-change-me-Z6cuMithzO0fMn3ZqJ7nTg0YJznoHiJXoJCNngQM4Kqzzd3fiYKdV # https://docs.sysreptor.com/setup/configuration/#fido2webauthn # MFA_FIDO2_RP_ID="sysreptor.example.com" +# https://docs.sysreptor.com/setup/configuration/#bind-to-different-port-or-interface +BIND_PORT="127.0.0.1:8000:8000" + # Do not use debug mode in production environments # https://docs.sysreptor.com/setup/configuration/#debug-mode DEBUG=off diff --git a/deploy/docker-compose.yml b/deploy/docker-compose.yml index 98ec940dc..3f41859b4 100644 --- a/deploy/docker-compose.yml +++ b/deploy/docker-compose.yml @@ -39,7 +39,7 @@ services: expose: - 8000 ports: - - "127.0.0.1:8000:8000" + - ${BIND_PORT:-127.0.0.1:8000:8000} environment: DATABASE_HOST: db DATABASE_NAME: reportcreator diff --git a/docs/docs/setup/configuration.md b/docs/docs/setup/configuration.md index 326251265..eeaa9c99d 100644 --- a/docs/docs/setup/configuration.md +++ b/docs/docs/setup/configuration.md @@ -51,6 +51,19 @@ ENCRYPTION_KEYS='[{"id": "TODO-change-me-unique-key-id-5cdda4c0-a16c-4ae2-8a16-a DEFAULT_ENCRYPTION_KEY_ID="TODO-change-me-unique-key-id-5cdda4c0-a16c-4ae2-8a16-aa2ff258530d" ``` +### Bind to different port or interface +SysReptor is bound to port 8000 on localhost by default. If you want to bind it to a different port, use the `BIND_PORT` environment variable. +The format is `IP:HOST_PORT:CONTAINER_PORT`(note that `CONTAINER_PORT` should always be 8000). + +``` title="Examples:" +BIND_PORT="127.0.0.1:8000:8000" +BIND_PORT="127.0.0.1:80:8000" # Bind to localhost port 80 +BIND_PORT="8000:8000" # Bind to all interfaces +BIND_PORT="1.1.1.1:8000:8000" # Bind to dedicated interface +``` + +Binding SysReptor to a publicly reachable network port exposes the application to untrusted networks without encryption. We recommend setting up a [web server](webserver/). + ### Debug mode Debug mode enables Django's debug toolbar and stack traces. Do not use debug mode in production environments.