You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
- Validation occurs in domain layer during DTO-to-domain conversion
- Grafana excluded (bind address hardcoded at port 3000)
- Localhost detection: 127.0.0.1 and ::1 only
- Add is_localhost_only field to ServiceInfo (not message in URL)
- Show 'Internal only' for localhost services (never hide)
Copy file name to clipboardExpand all lines: docs/issues/272-add-https-support-with-caddy.md
+18-3Lines changed: 18 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1113,6 +1113,14 @@ Error: Invalid configuration for health_check_api
1113
1113
- Change bind_address to '0.0.0.0:1313' to expose the service through Caddy
1114
1114
```
1115
1115
1116
+
**Implementation Notes**:
1117
+
1118
+
- Validation occurs in the domain layer when converting DTO to domain object (similar to the Grafana→Prometheus dependency validation)
1119
+
- This is an internal rule per service, checked during DTO-to-domain conversion
1120
+
- Services to validate: `health_check_api`, `http_api`, `http_trackers` (each individually)
1121
+
- Grafana excluded: bind address is hardcoded (port 3000), not user-configurable
1122
+
- Localhost detection: Check for `127.0.0.1` and `::1` (IPv6 localhost) only, not entire ranges
1123
+
1116
1124
##### Part B: Show Command for Localhost Services (without TLS)
1117
1125
1118
1126
For services bound to localhost WITHOUT TLS, display:
@@ -1129,12 +1137,19 @@ Health Check:
1129
1137
- http://10.140.190.190:1313/health_check
1130
1138
```
1131
1139
1140
+
**Implementation Notes**:
1141
+
1142
+
- Add `is_localhost_only: bool` field to `ServiceInfo` for relevant services (don't put message in URL field)
1143
+
- Show "Internal only" message for localhost-bound services - never hide services from output
1144
+
- Principle: Keep user informed about everything. If keeping a service internal was an error, the user catches it sooner rather than wondering why the service is missing from output.
1145
+
1132
1146
**Implementation Scope**:
1133
1147
1134
-
- [ ] Add validation in create command to reject localhost + TLS combinations
1148
+
- [ ] Add validation in domain layer to reject localhost + TLS combinations (during DTO-to-domain conversion)
1135
1149
- [ ] Update show command to detect localhost-bound services
1136
-
- [ ] Display appropriate message for internal-only services
1137
-
- [ ] Apply to all configurable HTTP services (health check, HTTP trackers, API, Grafana)
1150
+
- [ ] Add `is_localhost_only` field to `ServiceInfo` for health check, API, and HTTP trackers
1151
+
- [ ] Display "Internal only" message for internal-only services
1152
+
- [ ] Apply to: health check API, HTTP API, HTTP trackers (Grafana excluded - hardcoded port)
0 commit comments