From f23cef04001af7bac0b6218bd5e61f7f85399fd7 Mon Sep 17 00:00:00 2001
From: Oliver <oliver.henry.walters@gmail.com>
Date: Mon, 18 Jul 2022 14:08:33 +1000
Subject: [PATCH] docker: prevent ports being exposed outside container context
 (#3351)

---
 docker-compose.yml                   | 2 +-
 docker/production/docker-compose.yml | 9 ++++-----
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index baba646883..8ab381a5bd 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -22,7 +22,7 @@ services:
     inventree-dev-db:
         container_name: inventree-dev-db
         image: postgres:13
-        ports:
+        expose:
             - ${INVENTREE_DB_PORT:-5432}/tcp
         environment:
             - PGDATA=/var/lib/postgresql/data/dev/pgdb
diff --git a/docker/production/docker-compose.yml b/docker/production/docker-compose.yml
index bb31e62975..c9852a9dbe 100644
--- a/docker/production/docker-compose.yml
+++ b/docker/production/docker-compose.yml
@@ -45,7 +45,7 @@ services:
     inventree-db:
         container_name: inventree-db
         image: postgres:13
-        ports:
+        expose:
             - ${INVENTREE_DB_PORT:-5432}/tcp
         environment:
             - PGDATA=/var/lib/postgresql/data/pgdb
@@ -65,9 +65,9 @@ services:
             - inventree-db
         env_file:
             - .env
-        ports:
-            - ${INVENTREE_CACHE_PORT:-6379}:6379
-        restart: unless-stopped
+        expose:
+            - ${INVENTREE_CACHE_PORT:-6379}
+        restart: always
 
     # InvenTree web server services
     # Uses gunicorn as the web server
@@ -126,7 +126,6 @@ services:
         restart: unless-stopped
 
 volumes:
-    # NOTE: Change /path/to/data to a directory on your local machine
     # Persistent data, stored external to the container(s)
     inventree_data:
         driver: local