How to Secure the Collabora/Languagetool Docker Image

I have been playing around with the collabora/languagetool docker image and have a few questions around how to secure it.

I am using an instance in Oracle cloud as my playground; VM.Standard.A1.Flex (arm64) with Ubuntu 22.04.

Below are my docker commands:

sudo docker run -t -d \
--name code \
-p \
-e "" \
-e "aliasgroup1=" \
-e "aliasgroup2=" \
-e "dictionaries=en_US" \
-e "extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:languagetool.enabled=true --o:languagetool.base_url=" \
-e "username=username" \
-e "password=password" \
--restart always \

sudo docker run -d \
--name languagetool \
-p \
-v /ngrams:/ngrams:ro \
--restart=unless-stopped \

And here is the body of my Apache conf for the reverse proxy to add SSL:

AllowEncodedSlashes NoDecode
 ProxyPreserveHost On

 # static html, js, images, etc. served from coolwsd
 # browser is the client part of Collabora Online
 ProxyPass           /browser retry=0
 ProxyPassReverse    /browser

 # WOPI discovery URL
 ProxyPass           /hosting/discovery retry=0
 ProxyPassReverse    /hosting/discovery

 # Capabilities
 ProxyPass           /hosting/capabilities retry=0
 ProxyPassReverse    /hosting/capabilities

 # Main websocket
 ProxyPassMatch      "/cool/(.*)/ws$"      ws://$1/ws nocanon

 # Admin Console websocket
 ProxyPass           /cool/adminws ws://

 # Download as, Fullscreen presentation and Image upload operations
 ProxyPass           /cool
 ProxyPassReverse    /cool
 # Compatibility with integrations that use the /lool/convert-to endpoint
 ProxyPass           /lool
 ProxyPassReverse    /lool

 # LanguageTool API
 ProxyPass           /v2
 ProxyPassReverse    /v2

This works, however there is nothing protecting the LanguageTool API. That is, anyone that comes across the URL could start using it, which does not seem very secure. Is there a way of locking this down so that only the CODE instance wish are able to uses this?

Thank you for your help

I have been looking into this some more and as far as I can tell LanguageTool does not have the ability to add such protection, docker or otherwise. Or at least not for a self-hosted non-premium install. It seems like the best option would be to do something like basic auth in a reverse proxy. However, the client, in this case the CODE instance, would need to support this. I suspect CODE does not support this option.

Thank you