From 4281936ff435fd0e63725b88ac5486c0c1cd4378 Mon Sep 17 00:00:00 2001 From: Tyler Goodlet Date: Sat, 4 Jun 2022 20:13:53 -0400 Subject: [PATCH] Add readme for `ib-gw` container usage --- dockering/ib/README.rst | 30 ++++++++++++++++++++++++++++++ dockering/ib/run_x11_vnc.sh | 1 + 2 files changed, 31 insertions(+) create mode 100644 dockering/ib/README.rst diff --git a/dockering/ib/README.rst b/dockering/ib/README.rst new file mode 100644 index 00000000..3f9e01b9 --- /dev/null +++ b/dockering/ib/README.rst @@ -0,0 +1,30 @@ +running ``ib`` gateway in ``docker`` +------------------------------------ +We have a config based on the (now defunct) +image from "waytrade": + +https://github.com/waytrade/ib-gateway-docker + +To startup this image with our custom settings +simply run the command:: + + docker compose up + +And you should have the following socket-available services: + +- ``x11vnc1@127.0.0.1:3003`` +- ``ib-gw@127.0.0.1:4002`` + +You can attach to the container via a VNC client +without password auth. + +SECURITY STUFF!?!?! +------------------- +Though "``ib``" claims they host filter connections outside +localhost (aka ``127.0.0.1``) it's probably better if you filter +the socket at the OS level using a stateless firewall rule:: + + ip rule add not unicast iif lo to 0.0.0.0/0 dport 4002 + +We will soon have this baked into our own custom image but for +now you'll have to do it urself dawgy. diff --git a/dockering/ib/run_x11_vnc.sh b/dockering/ib/run_x11_vnc.sh index dcbe0f54..c87dc2bb 100755 --- a/dockering/ib/run_x11_vnc.sh +++ b/dockering/ib/run_x11_vnc.sh @@ -1,5 +1,6 @@ #!/bin/sh +# start VNC server x11vnc \ -ncache_cr \ -listen localhost \