fix: bind Redis to localhost and update port mapping

[SamDingore]

Description 📣

This PR enhances the security of the Redis service in the Infisical Docker setup by binding it strictly to 127.0.0.1.

Problem

Currently, the Redis service is exposed to the public internet due to the default ports configuration (6379:6379). This can lead to unauthorized access and potential security vulnerabilities, as Redis does not have built-in authentication by default.

Solution

• Modified the Redis service in docker-compose.yml to bind explicitly to 127.0.0.1, preventing external access.
• This ensures Redis is only accessible from the local machine while maintaining full functionality within the Docker network.

Why is this Important?

• Prevents unauthorized access to Redis from external IPs.
• Mitigates potential security threats where misconfigured Redis instances can expose sensitive data.
• Aligns with best practices for self-hosted Redis deployments, as recommended in security guidelines.

Type ✨

• Bug fix
• New feature
• Improvement
• Breaking change
• Documentation

Tests 🛠️

Tested the fix by:

1. Deploying Infisical with the updated docker-compose.yml.
2. Verifying that Redis is no longer accessible externally using:

   telnet <SERVER_IP> 6379  # Should fail

3. Confirming that the backend successfully connects to Redis internally:

   docker exec -it infisical-backend redis-cli -h infisical-dev-redis ping

   Expected output: PONG

✅ Redis is fully functional internally but no longer exposed publicly.

---

• I have read the contributing guide, agreed, and acknowledged the code of conduct. 📝

This fix is crucial for securing Redis in Infisical deployments, especially for self-hosted users. Please review and merge at the earliest convenience. 🚀