I set up an *arr stack and made it work, and now I’m trying to make it safe - the objectivly correct order.
I installed uncomplicated firewall on the system to pretend to protect myself, and opened ports as and when I needed them.
So I’m in mind to fix my firewall rules and my question is this: Given there’s a more sensible ufw rule set what is it, I have looked online I couldn’t find any answers? Either “limit 8080”, “limit 9696”, “limit …” etc. or “open”. Or " allow 192.168.0.0/16" would I have to allow my docker’s subnet as well?
To head off any “why didn’t you <brilliant idea>?” it’s because I’m dumb. Cheers in advance.
Both pi’s have static IPs.
I asked the *arrs to talk to each other, and when they didn’t work (and only when they didnt work) I "ufw allow"ed the relevant port.
I just want to patch up my firewall layer as best I can, and then start building security layers on top/below it as I learn how.
So I told Sonarr that qBit it at 192.168…:port. The test failed, “ufw allow port”, then the test passed. Could I instead have told Sonarr qBit is at 172.18…:port(dockers network address) and then close up the firewall. Or can I set them all to “ufw limit”. Or set the firewall to only allow local local traffic… You get the idea, I know enough to be dangerous but not enough to ask the right questions.