There's no reason not to expose those services to the Internet, they have authentication, and noone can access them without logging in first. There are actually reasons for exposing them, you can share a memo or a file to other people. You should enable HTTPS though to prevent passwords being transferred in clear text.
silenium_dev
joined 9 months ago
If you're exposing memos through nginx, the SITE_URL needs to be the public url where nginx exposed memos (so exactly the same as you enter in your browser), not the Public-IP and the internal port of memos.
You may need to configure nginx to pass through some additional headers, I haven't used it in a while. It could also be that memos refuses IP addresses as SITE_URL, and needs a proper domain name.
I'm using traefik (on kubernetes) as reverse proxy, and I don't even set SITE_URL, but it still works.