-rpcallowip

Question

-rpcallowip

Closed this issue 7 years ago · 4 comments

in your docs you hint at being able to start this image from docker-compose. I'm doing that but have a problem: how do I tell the docker-compose.yml what IP addresses to allow connections from?

docker-compose creates a network when bringing up the services and I'm happy to allow any container in that network to query bitcoind, so I could use a mask (I don't have to know the specific IP address in question)

but what is the address?

- Edit I -

to clarify, your docs already to indicate -rpcallow=172.17.0.0/16, which will work when starting the container on the bridge network, but docker-compose creates a network of its own and assigns it a different address (in my test case, it comes in as 172.18.x)

Answer 1 · 2017-04-26T21:00:48.000Z

Hey there @ekkis,

This is more of a configuration issue (not directly related to this repo) but I'm happy to help:

I see a few solutions here:

Allow the entire "172.x.x.x" range (using -rpcallow=172.0.0.0/8)
Specify a subnet of your choosing, as described in the documentation, then use it with the -rpcallowip= parameter.
Use network_mode: "bridge" which will make the container join the default bridge network and use the 172.17.0.x range.

Hope this helps!

Answer 2 · 2017-04-27T02:40:44.000Z

yes, you're right, it's not really a concern of this repo, so thanks for the suggestions. I need to research whether Docker creates all its networks within the 172.x range. if it does then #1 above certainly would work.

as for #2, rpcallow= is intriguing as I don't see it documented. this is where I'm looking: https://en.bitcoin.it/wiki/Running_Bitcoin and presumably it lets me allow by network name? if that were the case that would be ideal because that I know

Answer 3 · 2017-04-27T13:38:15.000Z

rpcallow= is intriguing as I don't see it documented.

Sorry, that was a typo. In essence I was referring to setting a subnet manually, and then specifying it with -rpcallowip=.

Answer 4 · 2019-06-01T16:42:43.000Z

Hey there @ekkis,

This is more of a configuration issue (not directly related to this repo) but I'm happy to help:

I see a few solutions here:

Allow the entire "172.x.x.x" range (using -rpcallow=172.0.0.0/8)

Specify a subnet of your choosing, as described in the documentation, then use it with the -rpcallowip= parameter.

Use network_mode: "bridge" which will make the container join the default bridge network and use the 172.17.0.x range.

Hope this helps!

Shouldn't it be 172.16.0.0/12?
Private_IPv4_addresses