Skip to main content

Network flows

Services and components#

Services and components

Ingress traffic#

Services and listening port:

ProcessUsageOptionalListen address
nginxweb serverNo0.0.0.0:443 and 0.0.0.0:80
nginxmonitoringYes127.0.0.1:8081
rabbitmqmessage brokerNo127.0.0.1:5671 and 127.0.0.1:5672
rabbitmqmanagement interfaceYes127.0.0.1:15671 and 127.0.0.1:15672
rabbitmqdistribution portNo127.0.0.1:25672
epmdrabbitmq communicationsNo0.0.0.0:4369
rediscache and configurationNo127.0.0.1:6379
postgresqldatabase and storageNo127.0.0.1:5432
gitguardianapplicationNo127.0.0.1:5050

We recommend to filter all incoming traffic except on port TCP 80 and TCP 443.

Egress traffic#

The following is a list of features that will make outbound requests.

  • Secret detector checkers
  • GitLab source
  • GitHub Enterprise source
  • GitHub source
  • Slack notifier
  • Custom webhook notifier
  • Email notifications (either SMTP or Sendgrid)
  • Sentry
  • Logstash
  • Datadog APM