I just started to learn the docker and try to adapt it for my need. Given such simple docker-compose file
version: '3'
services:
my-client:
container_name: my-client
build:
context: ./client
dockerfile: Dockerfile_dev
ports:
- "3000:3000"
volumes:
- ./client/src:/srv/dev/client/src
- ./client/public:/srv/dev/client/public
command: npm run start
my-nginx:
container_name: my-nginx
build: ./nginx
links:
- my-client
expose:
- 80
ports:
- "80:80"
(nginx just proxies requests to the client)
Currently I can access my client through localhost, and through localhost:3000, which is not good. I want just 1 port to be visible outside of my network, and all other containers to be hidden. Is that possible to setup network in a way when outside->nginx->client, but not outside->client
Just drop this:
ports:
- "3000:3000"
Then the only way to access this container is outside -> nginx -> client (or localhost, if you try from the machine where the containers run). Nginx will still be able to reach the container at port 3000, but others won't.