Security Warning: The guide below only cover the basic steps to set up firewall for self-hosted Obico Server. The setup required to properly secure your private network is too complicated to be covered here. Please do your own research to gather the necessary info before you proceed.
This is a community-contributed guide. This guide is based on certain Obico community members' own setup and hence may not work for you.
The Obico Server listens on port 3334.
You can set up a reverse-proxy, such as nginx, in front of the Obico Server, so that it's exposed on a different port. In this case, please use whichever port you choose to expose in the steps below. For simplicity sake, this document assumes the server port is 3334.
Windows blocks all incoming connections by default. To allow the connection between your server and the octopi, you will need to open TCP port 3334.
Right click on the windows icon or use the shortcut Win + X.
Choose Windows PowerShell (Admin) from the pop-up menu.
Run the following command.
New-NetFirewallRule -DisplayName 'Obico' -Name 'Obico' -Description 'inbound rule through TCP port 3334 intended for a private Obico' -direction inbound -action allow -Profile Private -Protocol TCP -LocalPort 3334
Mac comes with a firewall, but it doesn't block incoming connections by default. If you haven't enabled, skip this section.
Open System Preferences.
Click Security and Privacy
Navigate to the Firewall pane
Unlock preferences by clicking the lock in the bottom left and signing in as an admin.
Click on Firewall Options...
Add Docker to the list of allowed applications.
Ta-da! Your Obico Server can now talk with other computers/octopies in the network
Since each distro comes with different firewalls, please refer to the guide for your distro (usually on the distro website).