Run fixtures on non-privileged port

But it will still be providing 443 at the load balancer. #patch
ministryofjustice · Oct 15, 2024 · ccbc2ac · ccbc2ac
1 parent df58597
commit ccbc2ac
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 6 deletions.
diff --git a/fixtures/Dockerfile b/fixtures/Dockerfile
@@ -24,9 +24,9 @@ COPY fixtures/static static
 COPY fixtures/templates templates
 COPY docs/schemas static/schemas
 
-EXPOSE 80
+EXPOSE 8080
 
 RUN addgroup -S app && adduser -S -g app app
 USER app
 
-CMD [ "flask", "run", "--host", "0.0.0.0", "--port", "80"]
+CMD [ "flask", "run", "--host", "0.0.0.0", "--port", "8080"]
diff --git a/terraform/modules/fixtures_service/ecs.tf b/terraform/modules/fixtures_service/ecs.tf
@@ -19,7 +19,7 @@ resource "aws_ecs_service" "fixtures" {
   load_balancer {
     target_group_arn = aws_lb_target_group.fixtures.arn
     container_name   = "fixtures"
-    container_port   = 80
+    container_port   = 8080
   }
 
   network_configuration {
@@ -60,8 +60,8 @@ locals {
       name                   = "fixtures",
       portMappings = [
         {
-          containerPort = 80,
-          hostPort      = 80,
+          containerPort = 8080,
+          hostPort      = 8080,
           protocol      = "tcp"
         }
       ],

diff --git a/terraform/modules/fixtures_service/security_group.tf b/terraform/modules/fixtures_service/security_group.tf
@@ -9,7 +9,7 @@ resource "aws_security_group_rule" "alb_ingress" {
   type                     = "ingress"
   protocol                 = "tcp"
   from_port                = 80
-  to_port                  = 80
+  to_port                  = 8080
   source_security_group_id = aws_security_group.loadbalancer_gov_wifi.id
   security_group_id        = aws_security_group.ecs.id
   description              = "Inbound from the ALB"