From b1e6fcd73b647b6daeb0e573a0e3051ec35a58b6 Mon Sep 17 00:00:00 2001
From: Thomas Citharel <tcit@tcit.fr>
Date: Fri, 26 Mar 2021 10:32:23 +0100
Subject: [PATCH 1/2] Make instance listen by default only on local interface

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
---
 config/dev.exs                     | 1 +
 priv/templates/config.template.eex | 5 ++++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/config/dev.exs b/config/dev.exs
index 970788f9c..a932818ac 100644
--- a/config/dev.exs
+++ b/config/dev.exs
@@ -8,6 +8,7 @@ import Config
 # with brunch.io to recompile .js and .css sources.
 config :mobilizon, Mobilizon.Web.Endpoint,
   http: [
+    ip: {127, 0, 0, 1},
     port: 4000
   ],
   url: [
diff --git a/priv/templates/config.template.eex b/priv/templates/config.template.eex
index 6d2eb4be7..f66ce66e3 100644
--- a/priv/templates/config.template.eex
+++ b/priv/templates/config.template.eex
@@ -5,7 +5,10 @@ import Config
 config :mobilizon, Mobilizon.Web.Endpoint,
    server: <%= release %>,
    url: [host: "<%= instance_domain %>"],
-   http: [port: <%= listen_port %>],
+   http: [
+     ip: {0, 0, 0, 0, 0, 0, 0, 1},
+     port: <%= listen_port %>
+    ],
    secret_key_base: "<%= instance_secret %>"
 
 config :mobilizon, Mobilizon.Web.Auth.Guardian,

From b645c7dadec2e99c1b70f56dd04ca66facce1bb7 Mon Sep 17 00:00:00 2001
From: Thomas Citharel <tcit@tcit.fr>
Date: Fri, 26 Mar 2021 11:38:39 +0100
Subject: [PATCH 2/2] Allow specifying the listen_ip on Docker

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
---
 config/docker.exs | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/config/docker.exs b/config/docker.exs
index 5e7dc5b1a..e84a32995 100644
--- a/config/docker.exs
+++ b/config/docker.exs
@@ -2,10 +2,21 @@
 
 import Config
 
+listen_ip = System.get_env("MOBILIZON_INSTANCE_LISTEN_IP", "::")
+
+listen_ip =
+  case :inet.parse_address(listen_ip) do
+    {:ok, listen_ip} -> listen_ip
+    _ -> raise "MOBILIZON_INSTANCE_LISTEN_IP does not match the expected IP format."
+  end
+
 config :mobilizon, Mobilizon.Web.Endpoint,
   server: true,
   url: [host: System.get_env("MOBILIZON_INSTANCE_HOST", "mobilizon.lan")],
-  http: [port: System.get_env("MOBILIZON_INSTANCE_PORT", "4000")],
+  http: [
+    port: System.get_env("MOBILIZON_INSTANCE_PORT", "4000"),
+    ip: listen_ip
+  ],
   secret_key_base: System.get_env("MOBILIZON_INSTANCE_SECRET_KEY_BASE", "changethis")
 
 config :mobilizon, Mobilizon.Web.Auth.Guardian,