Public and exposed ports


which ports in docker-compose.yml can be changed to expose?

I changed port 4500:80 to expose and 8082:80 too as expose is referred to in the comment. For all other ports no comment refers to expose to block public access. Which ports have to be publicly accessible?

Actually we have these open ports on the server:
80/tcp open (is redirected by nginx to 443)
443/tcp open https
1883/tcp open
3000/tcp open
4200/tcp open
5672/tcp open
8004/tcp open
8081/tcp open
15672/tcp open
15675/tcp open

Which of these ports can be changed to expose?

With Docker Compose Tiledesk has a reverse proxy that work on 8081 port. So this is the public port to access to all the Tiledesk components (Dashboard, Widget, Web Chat).
So if you want you had to change 8081 port to YOUR port.

My question is not about port 8081.

For example docker container webwidget has port 4200 configured in yml-file:
image: chat21/chat21-web-widget:5.0.38
container_name: chat21-web-widget
- “4200:80” # specify port forewarding

As this is configured as ports: and not expose:, port 4200 is open to public on the host.

If I set all container ports to expose, they are no more publicly accessible, but chat stops working. Therefore I need to know which ports have to be publicly accessible.

We are using nginx as revers proxy as described in tiledesk/ at master · Tiledesk/tiledesk · GitHub for custom domain and https.

I changed now all ports: definitions in docker-compose.yml to expose: except for the proxy container. The proxy container is limited to localhost:
image: tiledesk/tiledesk-docker-proxy:v1.1.0
container_name: tiledesk-docker-proxy
- “” # specify port forewarding
- server
- dashboard
- webwidget
- chat21httpserver
- rabbitmq
command: [nginx-debug, ‘-g’, ‘daemon off;’]

With this configuration tiledesk seems to run fine and no container ports are any more publicly accessible:
nmap shows:
80/tcp open http
443/tcp open https

Andrea, is there anything against this configuration from your side?

Can you share with me how you changed the docker-compose.yml file?