diff --git a/DOCKERHUB.en.md b/DOCKERHUB.en.md index 8d7540b..8bd7448 100644 --- a/DOCKERHUB.en.md +++ b/DOCKERHUB.en.md @@ -19,7 +19,14 @@ Ollama does not need to run on the same host — `OLLAMA_URL` can point to any r | Port | Service | |------|---------| | `8000` | Proxy endpoint (OpenAI API) | -| `8001` | Admin API + web interface (do not expose) | +| `8001` | Admin API + web interface | + +Port 8001 must be exposed because the container serves the admin interface directly on this port. To restrict access to the local machine, bind it to `127.0.0.1` — this makes the port reachable only from the host, not from the network: + +``` +ports: + - "127.0.0.1:8001:8001" +``` ## Environment Variables @@ -46,6 +53,7 @@ services: restart: unless-stopped ports: - "8000:8000" + - "127.0.0.1:8001:8001" environment: ADMIN_PASSWORD: changeme OLLAMA_URL: http://host.docker.internal:11434 # or http://:11434 @@ -71,6 +79,7 @@ services: restart: unless-stopped ports: - "8000:8000" + - "127.0.0.1:8001:8001" environment: ADMIN_PASSWORD: changeme OLLAMA_URL: http://host.docker.internal:11434 # or http://:11434 @@ -115,6 +124,7 @@ services: restart: unless-stopped ports: - "8000:8000" + - "127.0.0.1:8001:8001" environment: ADMIN_PASSWORD: changeme OLLAMA_URL: http://ollama:11434 @@ -147,6 +157,7 @@ services: restart: unless-stopped ports: - "8000:8000" + - "127.0.0.1:8001:8001" environment: ADMIN_PASSWORD: changeme OLLAMA_URL: http://ollama:11434 diff --git a/DOCKERHUB.md b/DOCKERHUB.md index 58333f3..cdf35c7 100644 --- a/DOCKERHUB.md +++ b/DOCKERHUB.md @@ -19,7 +19,14 @@ Ollama muss dabei nicht auf demselben Host laufen — `OLLAMA_URL` kann auf jede | Port | Dienst | |------|--------| | `8000` | Proxy-Endpunkt (OpenAI-API) | -| `8001` | Admin-API + Web-Oberfläche (nicht exponieren) | +| `8001` | Admin-API + Web-Oberfläche | + +Port 8001 muss exposed werden, da der Container die Admin-Oberfläche selbst auf diesem Port ausliefert. Um den Zugriff auf den lokalen Rechner zu beschränken, die Portbindung auf `127.0.0.1` setzen — so ist der Port nur vom Host erreichbar, nicht aus dem Netzwerk: + +``` +ports: + - "127.0.0.1:8001:8001" +``` ## Umgebungsvariablen @@ -46,6 +53,7 @@ services: restart: unless-stopped ports: - "8000:8000" + - "127.0.0.1:8001:8001" environment: ADMIN_PASSWORD: changeme OLLAMA_URL: http://host.docker.internal:11434 # oder http://:11434 @@ -71,6 +79,7 @@ services: restart: unless-stopped ports: - "8000:8000" + - "127.0.0.1:8001:8001" environment: ADMIN_PASSWORD: changeme OLLAMA_URL: http://host.docker.internal:11434 # oder http://:11434 @@ -115,6 +124,7 @@ services: restart: unless-stopped ports: - "8000:8000" + - "127.0.0.1:8001:8001" environment: ADMIN_PASSWORD: changeme OLLAMA_URL: http://ollama:11434 @@ -147,6 +157,7 @@ services: restart: unless-stopped ports: - "8000:8000" + - "127.0.0.1:8001:8001" environment: ADMIN_PASSWORD: changeme OLLAMA_URL: http://ollama:11434 diff --git a/docker-compose.yml b/docker-compose.yml index b328d62..17eba9a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,6 +5,7 @@ services: env_file: .env ports: - "${PROXY_PORT:-8000}:${PROXY_PORT:-8000}" + - "127.0.0.1:8001:8001" volumes: - ./backend/test.db:/app/backend/test.db - ./backend/logs:/app/backend/logs