Warn users of postgress exposure and ufw override

[Staking7pc]

This is more of a suggestion than an issue

Below points can be added in the documentation as a warning.

1 - Warn the users to change the password in postgress and port /do not keep the default password for the same in docker-compose
2 - Firewall rules are bypassed by docker containers by default so add these commands or a note to notify users
To disable one can set

{
     "iptables": false
}

in /etc/docker/daemon.json
echo "DOCKER_OPTS=\"--iptables=false\"" >> /etc/default/docker
restart docker service

service docker restart

[jim-counter]

Just a word of warning. Turning off IP tables in Docker caused my deployment containers to lose connectivity.

[jim-counter]

This solution appears to be working for me. It stops the ports Docker containers are binding to from being publicly available and allows me to expose just what I need using UFW To Fix The Docker and UFW Security Flaw Without Disabling Iptables.

[erc30]

Instead of using the ports directive, it would be better to use expose in docker-compose.yml. The postgres port will be accessible from the docker network and not from the host.

[yasiryagi]

https://github.com/yasiryagi/SubQuery

[seandotau]

Added to FAQ @ianhe8x