holochain-rust
holochain-rust copied to clipboard
How can we bind the http interface to a different ip than 127.0.0.1?
I got to the end of the helo holo tutorial and I can't find any documentation about binding the http interface to a different ip/host. I'd like to bind to http://0.0.0.0:8888 instead of 127.0.0.1 Is it possible?
Hi @gotjoshua this'd be a great conversation for the tutorials section of the forum -- the short answer is that it's not terribly safe to bind to 0.0.0.0
because a running instance represents one agent's presence in the app's DHT, and giving other people direct access to the GUI and RPC ports gives them the opportunity to impersonate that agent. But if you're just trying to do dev on a remote machine, there's a clever setup using SSH that keeps things secure.
well, binding to 0.0.0.0 is rather insecure on the host machine... but it is easy and secure within a docker container as the 0.0.0.0 is isolated to the container and ports of the host are strictly controlled. But sometimes if a service only binds to 127.0.0.1 internally to the docker container, then the traffic from outside is ignored.
However, it seems that it is working quite well "as is" and I have a running setup published here: https://github.com/dcomposed/holo-code-server
Good point re: docker; never thought of that use case. Right now the only thing I can think of is to set up a reverse proxy for HTTP and WebSocket on the Docker guest, which I believe you've done already (or the tools in code-server supplies for you)?
(NB I like this code-server thing; could be really really useful for dev camps and hackathons! Is your Holochain flavour ready to share yet?)
For sure it's sharable... The link is there above... If you want a preview we can exchange login info over a secure channel somehow... Or if you have a server or VPS, by all means try to spin up an instance. I'd love some feedback. I had the same thought about Hackathon... That's actually when/ why I made it!
hey @gotjoshua ; thanks for the invitation! Hmmm, secure channel... Direct message on the forum is sorta secure, in that it's on a self-hosted instance... otherwise I can share my phone number if you have Signal on your phone.
I have signal... I couldn't find out how to do direct message in the holo forum on my phone... Maybe you can direct message me your signal number...
on the holo forums my handle is onezoomin
or you can put your signal number here and delete it afterwards if you're comfortable with that... ( although it would be visible in the comment history :/ )
hey @pdaoust you still want to set up that code-server demo at some point?