Skip to content

NETWORK_ACCESS_QUICK.md

Latest commit

 

History

History
145 lines (117 loc) · 3 KB

NETWORK_ACCESS_QUICK.md

File metadata and controls

145 lines (117 loc) · 3 KB

Network Access - Quick Reference

Enable Network Access

Edit config.json:

{
  "server": {
    "adminPanel": {
      "enabled": true,
      "port": 3000,
      "host": "0.0.0.0",        // ← Change from 127.0.0.1 to 0.0.0.0
      "username": "your_user",   // ← Change from default!
      "password": "your_strong_password"  // ← Change from default!
    }
  }
}

Access Admin Panel

Localhost

http://localhost:3000

From Network (Local)

http://192.168.1.100:3000
(Replace with your server's IP)

From Internet (VPS/Cloud)

http://your-server-ip:3000

🔒 SECURITY WARNING

When host: "0.0.0.0", your admin panel is accessible from ANY IP address!

YOU MUST:

  1. ✅ Change default username/password to STRONG credentials
  2. ✅ Configure firewall to restrict access to your IP only
  3. ✅ Use HTTPS (setup reverse proxy with SSL)
  4. ✅ Consider VPN access instead of public exposure

Quick Firewall Setup

Linux (UFW):

# Allow only YOUR IP to access admin panel
sudo ufw allow from YOUR_IP_ADDRESS to any port 3000

Windows:

New-NetFirewallRule -DisplayName "OneStack Admin" -Direction Inbound -LocalPort 3000 -Protocol TCP -RemoteAddress YOUR_IP_ADDRESS -Action Allow

Production HTTPS Setup (Nginx)

server {
    listen 443 ssl;
    server_name admin.yourdomain.com;
    
    ssl_certificate /path/to/fullchain.pem;
    ssl_certificate_key /path/to/privkey.pem;
    
    location / {
        proxy_pass http://127.0.0.1:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
    }
}

Then set in config.json:

"host": "127.0.0.1"  // Only accessible via Nginx proxy

Full Documentation

See NETWORK_ACCESS_GUIDE.md for:

  • Detailed security setup
  • VPS deployment examples (AWS, DigitalOcean, Azure)
  • Troubleshooting
  • SSL certificate setup
  • VPN configuration
  • Security best practices

What Changed

Files Modified:

  • admin-api.js - Added host parameter support
  • main.js - Passes host from config to admin API
  • config.json - Added host: "0.0.0.0" option

New Features:

  • Admin panel can bind to specific network interfaces
  • Support for 0.0.0.0 (all interfaces), localhost, or specific IPs
  • Security warnings when binding to all interfaces
  • Network access logs show IP addresses

Example Configurations

Development (Local Only)

"adminPanel": {
  "host": "127.0.0.1",
  "port": 3000
}

Production VPS (Behind Nginx)

"adminPanel": {
  "host": "127.0.0.1",
  "port": 3000
}

Access via: https://admin.yourdomain.com (Nginx handles SSL)

Direct Network Access (with firewall)

"adminPanel": {
  "host": "0.0.0.0",
  "port": 3000
}

Requires: Firewall rules limiting access + HTTPS setup

Internal Network Only

"adminPanel": {
  "host": "192.168.1.100",
  "port": 3000
}

Only accessible on local network interface