Documentation

Securing access for certain IPs

Applies to Docker-Compose components only

Suggest Edits

🚧

Caution

This article only covers Docker-compose Components.

For all other kinds of Components, you are responsible to apply security.

You can chose to secure your Environment in order to avoid exposing staging or dev Environments publicly.

To do this, you will have to edit the bunnyshell.yaml's security property, as demonstrated below.

security:
  access:
    allowedIps:
      - '192.168.0.1/24'
      - '185.181.102.37/32'

These settings are applied at an Environment level, to all Docker-compose Components inside that Environment.

If you need to bypass this rule and expose certain endpoints publicly, you can do that from the hosts property of each Component (Application / Service).

components:

  - name: service_name
    ...
    hosts:
      - hostname: backend
        path: /
        servicePort: 8080
        public: true

This is very useful if your applications have webhooks which need to be called by external systems, for example.

Updated about 1 year ago