Ollama binds its API to 127.0.0.1:11434 by default, which keeps local model access private to the machine. Changing OLLAMA_HOST exposes the server on another address or port for containers, LAN clients, or reverse proxies.
The bind address is a server setting, not a client setting. Set it in the service, desktop app environment, or foreground ollama serve process before starting Ollama.
Treat network exposure as a security boundary. Ollama's local API is not authenticated by default, so bind to a trusted interface or place an authenticated proxy in front of any shared endpoint.
Related: How to manage the Ollama service
Related: How to check the Ollama API server
Related: How to set allowed origins in Ollama
$ printf '%s\n' '0.0.0.0:11434' 0.0.0.0:11434
Use 127.0.0.1:11434 for local-only access.
$ OLLAMA_HOST=0.0.0.0:11434 ollama serve Listening on [::]:11434
[Service] Environment="OLLAMA_HOST=0.0.0.0:11434"
$ sudo systemctl daemon-reload $ sudo systemctl restart ollama
Related: How to manage the Ollama service
$ curl -s http://192.0.2.10:11434/api/version {"version":"0.31.1"}
Use a firewall or proxy rule before exposing the port beyond trusted networks.