Livekit and coolify

So I decided to create my own google meets clone and to do that I found a library for that called livekit. Now this library is basically a full blown solution to google meets in that once you install it you can basically use it. You can connect with other people, share screen, face cams and audio.

I decided to host it on hetzner and after a few days I got an email from [email protected] which surprised me. I read the email and it said that my server had an exposed redis instance with no password or certificate protection. I checked it myself and it was true. I looked what that redis instance was for and it was livekit server redis instance. Apparently when hosting on coolify I decided to connect it to host network and by doing so I exposed not only the server kit server, which is what I wanted, but also the redis server.

1services:
2  livekit:
3    image: 'livekit/livekit-server:latest'
4    container_name: livekit-server
5    restart: always
6    network_mode: host
7    volumes:
8      - '/data/livekit/livekit.yaml:/etc/livekit.yaml:ro'
9    command: '--config /etc/livekit.yaml --node-ip SERVER_IP_ADDRESS'
10  redis:
11    image: 'redis:7-alpine'
12    container_name: livekit-redis
13    restart: always
14    network_mode: host
15    command:
16      - redis-server
17      - '--bind'
18      - 127.0.0.1
19

So I fixed it by adding a command to the redis server would be bound to local network instead of being exposed publicly and I also enabled and configured hetzner firewall to have some basic protection.