Rootstock: include $DOMAIN in http hosts whitelist
rskj's hosts whitelist is exact-match (no wildcards). Use HOCON env-var
substitution ${?DOMAIN} to inject the per-host public domain into the
allowed list. Pass DOMAIN env var into the container via the rskj
template.
Allowed hosts list: [localhost, 127.0.0.1, ::1, ${?DOMAIN}]
- localhost variants for direct/internal access
- DOMAIN for traefik-forwarded requests (Host header = public domain)
This commit is contained in:
@@ -11,7 +11,9 @@ rpc {
|
||||
http = {
|
||||
enabled = true
|
||||
bind_address = "0.0.0.0"
|
||||
hosts = ["*"]
|
||||
# Whitelist: include localhost variants AND the public domain.
|
||||
# ${?DOMAIN} is HOCON env-var sub: skipped if env var is unset.
|
||||
hosts = ["localhost", "127.0.0.1", "::1", ${?DOMAIN}]
|
||||
port = 8545
|
||||
}
|
||||
ws = {
|
||||
|
||||
@@ -11,7 +11,9 @@ rpc {
|
||||
http = {
|
||||
enabled = true
|
||||
bind_address = "0.0.0.0"
|
||||
hosts = ["*"]
|
||||
# Whitelist: include localhost variants AND the public domain.
|
||||
# ${?DOMAIN} is HOCON env-var sub: skipped if env var is unset.
|
||||
hosts = ["localhost", "127.0.0.1", "::1", ${?DOMAIN}]
|
||||
port = 8545
|
||||
}
|
||||
ws = {
|
||||
|
||||
@@ -52,6 +52,7 @@ services:
|
||||
- 8545
|
||||
- 8546
|
||||
environment:
|
||||
DOMAIN: ${DOMAIN}
|
||||
RSKJ_SYS_PROPS: -Drpc.providers.web.http.bind_address=0.0.0.0
|
||||
restart: unless-stopped
|
||||
stop_grace_period: 5m
|
||||
|
||||
@@ -52,6 +52,7 @@ services:
|
||||
- 8545
|
||||
- 8546
|
||||
environment:
|
||||
DOMAIN: ${DOMAIN}
|
||||
RSKJ_SYS_PROPS: -Drpc.providers.web.http.bind_address=0.0.0.0
|
||||
restart: unless-stopped
|
||||
stop_grace_period: 5m
|
||||
|
||||
Reference in New Issue
Block a user