Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(server): REST API and WS API now use env vars for host and port. #8057

Closed
wants to merge 0 commits into from
Closed

feat(server): REST API and WS API now use env vars for host and port. #8057

wants to merge 0 commits into from

Conversation

twinsant
Copy link

User description
Background

Previous versions used hard-coded settings for the server's host and port, which was inconvenient during development
Changes 🏗️

Added host and port settings to the .env file

@twinsant twinsant requested a review from a team as a code owner September 15, 2024 08:42
@twinsant twinsant requested review from Swiftyos and Pwuts and removed request for a team September 15, 2024 08:42
@github-actions github-actions bot added the platform/backend AutoGPT Platform - Back end label Sep 15, 2024
@qodo-merge-pro Qodo Merge Pro
Copy link

PR-Agent was enabled for this repository. To continue using it, please link your git user with your CodiumAI identity here.

PR Reviewer Guide 🔍

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪
🧪 No relevant tests
🔒 Security concerns

Potential exposure to unauthorized access:
The REST API server is configured to listen on all network interfaces (0.0.0.0) by default. This configuration could potentially expose the server to unauthorized access from any network interface if not properly secured. It's recommended to use a more restrictive default, such as 127.0.0.1, for local development, and only use 0.0.0.0 in controlled environments where it's necessary and secure.

⚡ Key issues to review

Potential Security Risk
The server is set to listen on all network interfaces (0.0.0.0) by default. This might expose the server to unnecessary risks if not properly secured.

Configuration Consistency
The .env.example file sets default values for AP_SERVER_PORT and WS_SERVER_PORT, but these might conflict with the PORT environment variable set in the Dockerfile.

@netlify Netlify
Copy link

netlify bot commented Sep 15, 2024
edited
Loading

Deploy Preview for auto-gpt-docs canceled.

Name Link
🔨 Latest commit 46b8f9a
🔍 Latest deploy log https://app.netlify.com/sites/auto-gpt-docs/deploys/66f3571948d52a000859c92d

kcze
kcze approved these changes Sep 15, 2024
View reviewed changes
rnd/autogpt_server/.env.example Outdated
Comment on lines 17 to 22
AP_SERVER_HOST="0.0.0.0"
AP_SERVER_PORT="8000"

# WS API
WS_SERVER_HOST="0.0.0.0"
WS_SERVER_PORT="8001"
Copy link
Contributor

@kcze kcze Sep 15, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit for consistency

Suggested change
AP_SERVER_HOST="0.0.0.0"
AP_SERVER_PORT="8000"
# WS API
WS_SERVER_HOST="0.0.0.0"
WS_SERVER_PORT="8001"
AP_SERVER_HOST=localhost
AP_SERVER_PORT=8000
# WS API
WS_SERVER_HOST=localhost
WS_SERVER_PORT=8001

edit: I realised that 0.0.0.0 is not the same as localhost but quote marks can be removed nonetheless.

@kcze
Copy link
Contributor

kcze commented Sep 17, 2024

I think it would be good if @aarushik93 and @majdyz looked at this as well.

@github-actions github-actions bot added the conflicts Automatically applied to PRs with merge conflicts label Sep 18, 2024
@github-actions GitHub Actions
Copy link
Contributor

This pull request has conflicts with the base branch, please resolve those so we can evaluate the pull request.

@Pwuts
Copy link
Member

Pwuts commented Sep 19, 2024

Since #8008, the ports are configurable:

AutoGPT/rnd/autogpt_server/autogpt_server/util/settings.py

Lines 75 to 88 in f8f6bbc

execution_manager_port: int = Field(
default=8002,
description="The port for execution manager daemon to run on",
)
execution_scheduler_port: int = Field(
default=8003,
description="The port for execution scheduler daemon to run on",
)
agent_server_port: int = Field(
default=8004,
description="The port for agent server daemon to run on",
)

These settings can be used like AGENT_SERVER_PORT=8123.

Do you really need the host to be separately configurable?

@twinsant
Copy link
Author

Since #8008, the ports are configurable:

AutoGPT/rnd/autogpt_server/autogpt_server/util/settings.py

Lines 75 to 88 in f8f6bbc

execution_manager_port: int = Field(
default=8002,
description="The port for execution manager daemon to run on",
)
execution_scheduler_port: int = Field(
default=8003,
description="The port for execution scheduler daemon to run on",
)
agent_server_port: int = Field(
default=8004,
description="The port for agent server daemon to run on",
)

These settings can be used like AGENT_SERVER_PORT=8123.

Do you really need the host to be separately configurable?

Yes, on production server, we need listen to the specific internal host for security reasons, so it's better to config host as a setting.

@twinsant
Copy link
Author

Waiting for a loooooong time....

@majdyz
Copy link
Contributor

majdyz commented Sep 24, 2024

@twinsant That config file is already env-var configurable, you can use the caps too.
e.g:
https://github.com/Significant-Gravitas/AutoGPT/blob/198a1048e8b8f365180415dfc0fb02818111be87/autogpt_platform/backend/backend/util/settings.py#L103C5-L103C19

If you want to change the Agent API port from 8006 to 8009, you can set:
AGENT_API_PORT=8009

@majdyz
Copy link
Contributor

majdyz commented Sep 24, 2024
edited
Loading

Subsequently, you can utilize the same convention to introduce host configuration.
The current PR is unfortunately conflicting & feature-clashing with the existing settings.py feature, would you mind rebasing your change to adapt to the latest code?

@majdyz majdyz mentioned this pull request Sep 24, 2024
Merged
@majdyz
Copy link
Contributor

majdyz commented Sep 24, 2024
edited
Loading

@twinsant #8143 If you don't mind adapting your code to this and see if it matches your requirement, I can close my PR and use yours.

@twinsant twinsant closed this Sep 25, 2024
@github-actions github-actions bot added size/xs and removed size/m labels Sep 25, 2024
@twinsant
Copy link
Author

@twinsant #8143 If you don't mind adapting your code to this and see if it matches your requirement, I can close my PR and use yours.

fine, will improve on your changes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kcze kcze kcze approved these changes

@Swiftyos Swiftyos Awaiting requested review from Swiftyos Swiftyos was automatically assigned from Significant-Gravitas/maintainers

@Pwuts Pwuts Awaiting requested review from Pwuts Pwuts was automatically assigned from Significant-Gravitas/maintainers

Assignees
No one assigned
Labels
conflicts Automatically applied to PRs with merge conflicts platform/backend AutoGPT Platform - Back end Review effort [1-5]: 2 size/xs
Projects
AutoGPT development kanban
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@twinsant @kcze @Pwuts @majdyz