From 9103f8e81dff98b44f5c72eb78cb80ff38203719 Mon Sep 17 00:00:00 2001 From: Nigel Gott <nigel@baserow.io> Date: Thu, 15 Jul 2021 09:15:44 +0000 Subject: [PATCH] Resolve "Don't expose ports for debugging purposes by default in docker-compose.yml" --- changelog.md | 5 ++ docker-compose.dev.yml | 4 ++ docker-compose.yml | 12 ++--- docs/development/dev_sh.md | 2 +- docs/guides/baserow-docker-how-to.md | 68 ++++++++++++++++---------- docs/guides/running-baserow-locally.md | 63 +++++++++++++----------- docs/reference/baserow-docker-api.md | 32 ++++++------ 7 files changed, 106 insertions(+), 80 deletions(-) diff --git a/changelog.md b/changelog.md index 6ea752a0d..5fb1ba585 100644 --- a/changelog.md +++ b/changelog.md @@ -1,6 +1,11 @@ # Changelog ## Unreleased +* **Breaking Change**: Baserow's `docker-compose.yml` no longer exposes ports for + the `db`, `mjml` and `redis` containers for security reasons. +* **Breaking Change**: `docker-compose.yml` will by default only expose Baserow on + `localhost` and not `0.0.0.0`, meaning it will not be accessible remotely unless + manually configured. ## Released (2021-07-13) diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml index 53a5a315f..cf69eb7e2 100644 --- a/docker-compose.dev.yml +++ b/docker-compose.dev.yml @@ -2,6 +2,10 @@ version: "3" services: + db: + ports: + - "${HOST_PUBLISH_IP:-127.0.0.1}:${POSTGRES_PORT:-5432}:5432" + backend: build: context: . diff --git a/docker-compose.yml b/docker-compose.yml index 0a7ec7baf..cdc20113c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,8 +8,6 @@ services: - POSTGRES_USER=${DATABASE_USER:-baserow} - POSTGRES_PASSWORD=${DATABASE_PASSWORD:-baserow} - POSTGRES_DB=${DATABASE_NAME:-baserow} - ports: - - "${POSTGRES_PORT:-5432}:5432" networks: local: volumes: @@ -18,8 +16,6 @@ services: redis: container_name: redis image: redis:6.0 - ports: - - "${REDIS_PORT:-6379}:6379" networks: local: 
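Review bot: The `db` mapping added to docker-compose.dev.yml takes its bind address from `HOST_PUBLISH_IP`, the same variable the how-to in this commit tells users to set to `0.0.0.0`, so anyone who does that with the dev file loaded also publishes Postgres on every interface. The context lines of docker-compose.yml show that database falling back to `baserow` for both user and password when `DATABASE_USER` and `DATABASE_PASSWORD` are unset. I would pin the debug port to loopback regardless of that variable, `- "127.0.0.1:${POSTGRES_PORT:-5432}:5432"`, and add a comment above it such as `# debug access only; deliberately not controlled by HOST_PUBLISH_IP`. The `services:` mapping continues outside the hunk, so whether other dev services publish ports is not visible here.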
@@ -28,8 +24,6 @@ services: image: liminspace/mjml-tcpserver:0.10 # mjml is based off the node image which creates a non root node user we can run as user: "1000:1000" - ports: - - "${MJML_PORT:-28101}:28101" networks: local: @@ -57,7 +51,7 @@ services: - EMAIL_SMTP_PASSWORD - FROM_EMAIL ports: - - "${BACKEND_PORT:-8000}:8000" + - "${HOST_PUBLISH_IP:-127.0.0.1}:${BACKEND_PORT:-8000}:8000" depends_on: - db - redis @@ -148,7 +142,7 @@ services: - PUBLIC_WEB_FRONTEND_URL=${PUBLIC_BACKEND_URL:-http://localhost:3000} - ADDITIONAL_MODULES ports: - - "${WEB_FRONTEND_PORT:-3000}:3000" + - "${HOST_PUBLISH_IP:-127.0.0.1}:${WEB_FRONTEND_PORT:-3000}:3000" depends_on: - backend networks: @@ -159,7 +153,7 @@ services: container_name: media build: media ports: - - "${MEDIA_PORT:-4000}:80" + - "${HOST_PUBLISH_IP:-127.0.0.1}:${MEDIA_PORT:-4000}:80" depends_on: - media-volume-fixer volumes: diff --git a/docs/development/dev_sh.md b/docs/development/dev_sh.md index 549b53118..7d84b6a6a 100644 --- a/docs/development/dev_sh.md +++ b/docs/development/dev_sh.md @@ -58,7 +58,7 @@ $ ./dev.sh restart {EXTRA_COMMANDS_PASSED_TO_UP} $ ./dev.sh down # downs the env $ ./dev.sh kill # kills (the old stop_dev.sh) # Bind to different ports on the host manage incase you are already running them and they clash! (also works with just docker-compose up) -$ POSTGRES_PORT=5555 REDIS_PORT=6666 MJML_PORT=7777 ./dev.sh +$ POSTGRES_PORT=5555 ./dev.sh ``` ### Why ./dev.sh ensures the containers run as you diff --git a/docs/guides/baserow-docker-how-to.md b/docs/guides/baserow-docker-how-to.md index a16939217..694c92155 100644 --- a/docs/guides/baserow-docker-how-to.md +++ b/docs/guides/baserow-docker-how-to.md 
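Review bot: The `backend` port entry at `@@ -57,7 +51,7` carries no hint in the compose file itself of what changing `HOST_PUBLISH_IP` does, and the same applies to the `web-frontend` (`@@ -148,7 +142,7`) and `media` (`@@ -159,7 +153,7`) entries. The ufw caveat lives only in docs/guides/baserow-docker-how-to.md, which an operator editing the compose file or an env file will not necessarily read. A comment above each `ports:` key would close that gap, for example `# Bound to loopback by default. HOST_PUBLISH_IP=0.0.0.0 publishes this port on every host interface, and Docker-published ports bypass ufw rules.` Judging by the `http://localhost:3000` default visible in the context lines, these ports appear to carry plain HTTP, so the comment could also recommend a TLS-terminating proxy before exposing them.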
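Review bot: In the `web-frontend` environment just above the changed `ports:` entry (`@@ -148,7 +142,7`), the context line `PUBLIC_WEB_FRONTEND_URL=${PUBLIC_BACKEND_URL:-http://localhost:3000}` reads the backend variable, which looks like a copy-paste slip that this commit leaves untouched. The new "Make Baserow publicly accessible" guide tells users to set `PUBLIC_WEB_FRONTEND_URL`, but with this line the value they set would not reach this container and the backend URL would be substituted instead. If that is unintended, the line should read `- PUBLIC_WEB_FRONTEND_URL=${PUBLIC_WEB_FRONTEND_URL:-http://localhost:3000}`. The service definition starts and ends outside the hunk.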
@@ -21,30 +21,13 @@ $ docker-compose logs ### Run Baserow alongside existing services -Baserow's docker-compose files will automatically bind to various ports on your -machine's network. If you already have applications or services using those ports the -Baserow service which uses that port will crash: - -```bash -Creating network "baserow_local" with driver "bridge" -Creating db ... -Creating db ... error -Creating redis ... -WARNING: Host is already in use by another container - -Creating mjml ... done -Creating redis ... done - -ERROR: for db Cannot start service db: driver failed programming external connectivity on endpoint db (...): Error starting userland proxy: listen tcp4 0.0.0.0:5432: bind: address already in use -ERROR: Encountered errors while bringing up the project. -``` +Baserow's docker-compose files will automatically expose the `backend`, `web-frontend` +and `media` containers to your machine's network. If you already have applications or +services using those ports the Baserow service which uses that port will crash. To fix this you can change which ports Baserow will use by setting the corresponding environment variable: -- For `postgres` set `POSTGRES_PORT` which defaults to `5432` -- For `redis` set `REDIS_PORT` which defaults to `6379` -- For `mjml` set `MJML_PORT` which defaults to `28101` - For `backend` set `BACKEND_PORT` which defaults to `8000` - For `web-frontend` set `WEB_FRONTEND_PORT` which defaults to `3000` - For `media` set `MEDIA_PORT` which defaults to `4000` 
@@ -52,9 +35,42 @@ environment variable: This is how to set these variables in bash: ```bash -$ POSTGRES_PORT=5555 REDIS_PORT=6666 MJML_PORT=7777 docker-compose up +$ BACKEND_PORT=8001 docker-compose up $ # or using dev.sh -$ POSTGRES_PORT=5555 REDIS_PORT=6666 MJML_PORT=7777 ./dev.sh +$ BACKEND_PORT=8001 ./dev.sh +``` + +### Make Baserow publicly accessible + +By default when you run `docker-compose up` you can only access Baserow from the same +machine by visiting `localhost:3000` or `127.0.0.1:3000`. If you are running the Baserow +docker containers on a remote server which you want to access over a network or the +public internet you need to set some environment variables to expose Baserow. + +> Please be warned that there is a security flaw with docker and the ufw firewall. +> By default docker when exposing ports on 0.0.0.0 will bypass any ufw firewall rules +> and expose the above containers publicly from your machine on the network. Please see +> https://github.com/chaifeng/ufw-docker for more information and how to setup ufw to +> work securely with docker. + +You will need to set the following three environment variables to successfully expose +Baserow on your network. + +1. `HOST_PUBLISH_IP=0.0.0.0` - This will configure `docker-compose.yml` to expose + Baserow's containers on all IP addresses on the host machine, instead of just + localhost. Warning: if you are using UFW please see the warning above. +2. `PUBLIC_BACKEND_URL={REPLACE_WITH_YOUR_DOMAIN_NAME_OR_HOST_IP}:8000` - This will + ensure that Baserow clients will be able to successfully connect to the backend, + if you can visit Baserow at port `3000` but you are getting API errors please ensure + this variable is set correctly. +3. `PUBLIC_WEB_FRONTEND_URL={REPLACE_WITH_YOUR_DOMAIN_NAME_OR_HOST_IP}:3000` - The same + variable as above but the URL for the web-frontend container instead. 
+ +For example you could run the command below after replacing `REPLACE_ME` with the +IP address or domain name of the server where Baserow is running: + +```bash +$ HOST_PUBLISH_IP=0.0.0.0 PUBLIC_BACKEND_URL=REPLACE_ME:8000 PUBLIC_WEB_FRONTEND_URL=REPLACE_ME:3000 docker-compose up ``` ### Configure an external email server @@ -133,10 +149,10 @@ $ ./dev.sh run backend manage sync_templates ### Build Error - Service 'backend' failed to build: unable to convert uid/gid chown This error occurs when attempting to build Baserow's docker images with a version of -Docker earlier than 19.03. It can also occur when you are attempting to build -Baserow version 1.3 or earlier using a version of Docker less than 20.10. You can check -your local docker version by running `docker -v` and fix the error by installing the -latest version of Docker from https://docs.docker.com/get-docker/. +Docker earlier than 19.03. It can also occur when you are attempting to build Baserow +version 1.3 or earlier using a version of Docker less than 20.10. You can check your +local docker version by running `docker -v` and fix the error by installing the latest +version of Docker from https://docs.docker.com/get-docker/. ### Permission denied errors diff --git a/docs/guides/running-baserow-locally.md b/docs/guides/running-baserow-locally.md index 36024ac30..cb1894828 100644 --- a/docs/guides/running-baserow-locally.md +++ b/docs/guides/running-baserow-locally.md 
@@ -1,14 +1,15 @@ -# Running Baserow locally +# Running Baserow locally -If you just want to try out Baserow on your local computer, it is best to use -`docker-compose`. The provided `docker-compose.yml` file will launch a production -version of Baserow and can be used to run Baserow locally or as a starting point for +If you just want to try out Baserow on your local computer, it is best to use +`docker-compose`. The provided `docker-compose.yml` file will launch a production +version of Baserow and can be used to run Baserow locally or as a starting point for building your own production Baserow setup. +### Quickstart -### Quickstart -If you are familiar with git and docker-compose run these commands to launch baserow +If you are familiar with git and docker-compose run these commands to launch baserow locally, otherwise please start from the Installing Requirements section below. + ```bash $ git clone --branch master https://gitlab.com/bramw/baserow.git $ cd baserow 
@@ -18,18 +19,19 @@ $ docker-compose up ## Installing requirements If you haven't already installed docker and docker-compose on your computer you can do -so by following the instructions on https://docs.docker.com/desktop/ and +so by following the instructions on https://docs.docker.com/desktop/ and https://docs.docker.com/compose/install/. > Docker version 19.03 is the minimum required to build Baserow. It is strongly > advised however that you install the latest version of Docker available: 20.10. > Please check that your docker is up to date by running `docker -v`. -You will also need git installed which you can do by following the instructions on -https://www.linode.com/docs/development/version-control/how-to-install-git-on-linux-mac-and-windows/. +You will also need git installed which you can do by following the instructions on +https://www.linode.com/docs/development/version-control/how-to-install-git-on-linux-mac-and-windows/ +. -After installing all the required software you should be able to run the -following commands in your terminal. +After installing all the required software you should be able to run the following +commands in your terminal. ``` $ docker -v 
@@ -40,21 +42,21 @@ $ git --version git version 2.24.3 (Apple Git-128) ``` -If all commands return something similar as described in the example, then you are -ready to proceed! +If all commands return something similar as described in the example, then you are ready +to proceed! -## Starting baserow using docker-compose +## Starting baserow using docker-compose -> Note that this has only been tested on MacOS Catalina and Ubuntu 20.04. If you run +> Note that this has only been tested on MacOS Catalina and Ubuntu 20.04. If you run > into any issues with other operating systems, feel free to contact us via the form on > https://baserow.io/contact. -For example purposes I have created a directory in my home folder named `baserow`. -You can of course follow the steps in any directory, but in this tutorial I will assume -the working directory is `~/baserow`. +For example purposes I have created a directory in my home folder named `baserow`. You +can of course follow the steps in any directory, but in this tutorial I will assume the +working directory is `~/baserow`. -First we have to clone the repository. Execute the following commands to clone the -master branch. If you are not familiar with git clone, this will download a copy +First we have to clone the repository. Execute the following commands to clone the +master branch. If you are not familiar with git clone, this will download a copy Baserow's code to your computer. ``` 
@@ -65,9 +67,9 @@ Cloning into 'baserow'... $ cd baserow ``` -Now that we have our copy of the repo and have changed directories to the newly -created `baserow`, we can bring up the containers. You just have to execute the -`docker-compose up` command. It might take a while for the command to finish, this is +Now that we have our copy of the repo and have changed directories to the newly +created `baserow`, we can bring up the containers. You just have to execute the +`docker-compose up` command. It might take a while for the command to finish, this is because the image has to be built from scratch. ``` @@ -81,12 +83,17 @@ Starting celery ... done Starting web-frontend ... done ``` -Once everything has finished, you can visit http://localhost:3000 in your browser -and you should be redirected to the login screen. From here you can create a new account -and start using the software. +Once everything has finished, you can visit http://localhost:3000 in your browser and +you should be redirected to the login screen. From here you can create a new account and +start using the software. + +> Baserow will not be accessible by default from machines other than the one it is +> running on. Please see the [docker how to](baserow-docker-how-to.md) +> on how to configure Baserow so you can access it over a network or the internet. ## Further Reading -- See [docker how to guide](baserow-docker-how-to.md) for a larger collection of - useful operations and commands. + +- See [docker how to guide](baserow-docker-how-to.md) for a larger collection of useful + operations and commands. - See [docker usage](../reference/baserow-docker-api.md) for more detail on how Baserow's docker setup can be used and configured. diff --git a/docs/reference/baserow-docker-api.md b/docs/reference/baserow-docker-api.md index 0db85b63a..4cd9f65cb 100644 --- a/docs/reference/baserow-docker-api.md +++ b/docs/reference/baserow-docker-api.md 
@@ -63,8 +63,8 @@ $ ./dev.sh run backend COMMAND ## Web Frontend CLI -The `baserow_web-frontend` and `baserow_web-frontend_dev` images provide various commands -used to change what process is started inside the container. +The `baserow_web-frontend` and `baserow_web-frontend_dev` images provide various +commands used to change what process is started inside the container. ```bash Usage: docker run <imagename> COMMAND 
@@ -95,26 +95,25 @@ variables available for configuring baserow's docker setup. All of these variables can be set like so: ```bash -$ POSTGRES_PORT=5555 REDIS_PORT=6666 MJML_PORT=7777 docker-compose up +$ BACKEND_PORT=8001 docker-compose up $ # or using dev.sh -$ POSTGRES_PORT=5555 MIGRATE_ON_STARTUP=false ./dev.sh +$ BACKEND_PORT=8001 MIGRATE_ON_STARTUP=false ./dev.sh ``` ### Local and Dev Variables Port configuration (these only work when used with the docker-compose files): -- `POSTGRES_PORT` (default `5432`) : The port the `db` container will bind to on your - local network. -- `REDIS_PORT` (default `6379`) : The port the `redis` container will bind to on your - local network. -- `MJML_PORT` (default `28101`) : The port the `mjml` container will bind to on your - local network. +- `HOST_PUBLISH_IP` (default `127.0.0.1`) : The IP address on the docker host Baserow's + containers will bind exposed ports to. By default Baserow only exposes it's containers + ports on localhost, please see + the [Baserow Docker How To](../guides/baserow-docker-how-to.md) + on how to expose Baserow over a network or the internet. - `BACKEND_PORT` (default `8000`) : The port the `backend` container will bind to on your local network. -- `WEB_FRONTEND_PORT` (default `3000`) : The port the `web-frontend` container will bind - to on your local network. -- `MEDIA_PORT` (default `4000`) : The port the `media` nginx container will bind to on +- `WEB_FRONTEND_PORT` (default `3000`) : The port the `web-frontend` + container will bind to on your local network. +- `MEDIA_PORT` (default `4000`) : The port the `media` nginx container will bind to on your local network. Backend configuration: 
@@ -124,11 +123,11 @@ Backend configuration: - `SYNC_TEMPLATES_ON_STARTUP` (default `true`) : When `true` on backend server startup it will run the baserow management command `sync_templates` which loads any templates found in `./backend/templates` into Baserow. - + Pass through variables: These environment variables when provided to the docker-compose files are passed through -to the correct containers. See [the introduction](../getting-started/introduction.md) +to the correct containers. See [the introduction](../getting-started/introduction.md) for what these variables do. - `PUBLIC_BACKEND_URL` @@ -142,7 +141,6 @@ for what these variables do. - `EMAIL_SMTP_PASSWORD` - `FROM_EMAIL` - ### Dev Only Variables - `UID` (default `1000` or your user id when using `./dev.sh`) : Sets which user id will @@ -151,3 +149,5 @@ for what these variables do. - `GID` (default `1000` or your group id when using `./dev.sh`) : Sets which group id will be used to build Baserow's images with and the group id which will be used to run the processes inside Baserow containers. +- `POSTGRES_PORT` (default `5432`) : The port the `db` container will bind to on your + local network.