Allow exposing the desktop client websocket on an alternate port
Closed this issue · 2 comments
starcraft66 commented
Right no since there is 0 authentication in the app, we block traffic to it outside the admin VLAN.
The introducuction of the desktop client now poses a problem because the admin interface as well as the desktop client websocket are exposed over the same poet which makes restricting access challenging without a reverse proxy.
Although we should probably just use a reverse proxy, it would be nice to just be able to expose the 2 interfaces on separate ports to make this avcess controllable via a simple Layer 3 firewall.
berbiche commented
https://chatgpt.com/share/5accbf74-5830-4586-a69c-5286be142373
To be tested...
starcraft66 commented
Closing for now as we have put the app behind a reverse proxy with ACL.