From 5d18a1ad71c9987426201b189fedfa119e032d7d Mon Sep 17 00:00:00 2001
From: Daan Selen <dselen@nerthus.nl>
Date: Mon, 19 May 2025 12:14:46 +0200
Subject: [PATCH] Added default exposure of non-encrypted http port.

---
 docker/Dockerfile   |  4 ++--
 docker/compose.yaml | 21 +++++++++++++++++++++
 2 files changed, 23 insertions(+), 2 deletions(-)
 create mode 100644 docker/compose.yaml

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 7d58169d..381903e9 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -165,8 +165,8 @@ COPY --from=builder /opt/meshcentral/meshcentral /opt/meshcentral/meshcentral
 # install dependencies from package.json
 RUN cd meshcentral && npm install
 
-# Expose only 443 by default to reduce attack surface. (Only encrypted ports).
-EXPOSE 443
+# Expose needed ports
+EXPOSE 80 443
 
 
 # These volumes will be created by default even without any declaration, this allows default persistence in Docker/Podman.
diff --git a/docker/compose.yaml b/docker/compose.yaml
new file mode 100644
index 00000000..1ff2bc10
--- /dev/null
+++ b/docker/compose.yaml
@@ -0,0 +1,21 @@
+services:
+  meshcentral:
+    image: ghcr.io/ylianst/meshcentral:latest
+    environment:
+      - HOSTNAME=myserver.domain.com
+      - ALLOW_NEW_ACCOUNTS=false
+      - USE_MONGODB=true
+      - MONGO_URL=mongodb://username:password@mongodb:27017/meshcentral
+    volumes:
+      - meshcentral-data:/opt/meshcentral/meshcentral-data
+      - meshcentral-files:/opt/meshcentral/meshcentral-files
+      - meshcentral-web:/opt/meshcentral/meshcentral-web
+      - meshcentral-backups:/opt/meshcentral/meshcentral-backups
+    ports:
+      - "80:80"
+      - "443:443"
+volumes:
+  meshcentral-data:
+  meshcentral-files:
+  meshcentral-web:
+  meshcentral-backups: