docker-socket-proxy
auto-docker-dash
Our great sponsors
docker-socket-proxy | auto-docker-dash | |
---|---|---|
23 | 11 | |
1,211 | 157 | |
7.7% | 1.3% | |
4.9 | 0.0 | |
14 days ago | over 2 years ago | |
Python | TypeScript | |
Apache License 2.0 | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
docker-socket-proxy
-
Security for your Homeserver
I just found this the other day. You might be interested I haven't done myself yet https://github.com/Tecnativa/docker-socket-proxy
-
Gitea 1.19.0 released - now with support for Actions
I think you could provide access to the socket using a "docker-socket-proxy" container. It allows other containers to access the docker socket, you can even control which actions are allowed and which are not. You can use a bridge network for the communication to the socket-proxy container, so the socket-proxy container does not need to map/expose any ports. In the other container you need to set the "DOCKER_HOST" env variable accordingly, e.g. "DOCKER_HOST=tcp://mydockersockerproxycontainer:2375". https://github.com/Tecnativa/docker-socket-proxy
-
Unraid Remotely Access Docker Daemon
I use the container docker socket proxy
- Why does next cloud docker installation require access to /var/run/docker.sock (albeit read-only)? Is there a way to circumvent that?
-
Docker socket security
There are Docker socket proxys (like docker-socket-proxy 😉) that are made exactly for this. You can pass only read access to the socket and even restrict what resources can be read.
-
VM with multiple staging hosts GitLab CI?
So far I have Traefik set up and tested (along with some security lockdowns https://github.com/Tecnativa/docker-socket-proxy). This is working well: I can manually create containers, get a cert, dynamic hostnames, etc.
-
Is there any docker dashboard that auto detect the services ?
May be not necessarily: https://github.com/Tecnativa/docker-socket-proxy
-
[How-to] Securing access to your `docker.sock` file.
Many of you might already be familiar with Tecnativa's docker-socket-proxy which says:
-
Basic Traefik configuration tutorial
version: "3.7" services: traefik: image: traefik:v2.6 command: # Entrypoints configuration - --entrypoints.web.address=:80 # Docker provider configuration - --providers.docker=true # Makes sure that services have to explicitly direct Traefik to expose them - --providers.docker.exposedbydefault=false # Use the secure docker socket proxy - --providers.docker.endpoint=tcp://socket_proxy:2375 # Default docker network to use for connections to all containers - --providers.docker.network=traefik_public # Logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. - --log.level=info ports: - 80:80 networks: - traefik_public - socket_proxy restart: unless-stopped depends_on: - socket_proxy # https://github.com/traefik/whoami whoami: image: traefik/whoami:v1.7.1 labels: # Explicitly instruct Traefik to expose this service - traefik.enable=true # Router configuration ## Listen to the `web` entrypoint - traefik.http.routers.whoami_route.entrypoints=web ## Rule based on the Host of the request - traefik.http.routers.whoami_route.rule=Host(`whoami.karvounis.tutorial`) - traefik.http.routers.whoami_route.service=whoami_service # Service configuration ## 80 is the port that the whoami container is listening to - traefik.http.services.whoami_service.loadbalancer.server.port=80 networks: - traefik_public # https://github.com/Tecnativa/docker-socket-proxy # Security-enhanced proxy for the Docker Socket socket_proxy: image: tecnativa/docker-socket-proxy:latest restart: unless-stopped environment: NETWORKS: 1 SERVICES: 1 CONTAINERS: 1 TASKS: 1 volumes: - /var/run/docker.sock:/var/run/docker.sock:ro networks: - socket_proxy networks: traefik_public: external: true socket_proxy: external: true
- docker-socket-proxy - Proxy over your Docker socket to restrict which requests it accepts
auto-docker-dash
-
What are your top self hosted services that you are very satisfied with ?
Plugsy - My Docker dashboard
-
Is there any docker dashboard that auto detect the services ?
Could look at a dashboard like Plugsy or Flame (fork that supports categories). They are automatically added to the dashboard with the use of docker labels.
-
Dashboard: Flame alternative with categories that is not resource intensive?
I have stuck with plugsy due to the lack of category support in flame. It has not been active though in several months. It has docker label and category support. It is manual configuration in a json file for non docker items. Going to take a look at the flam fork.
-
Easy-Gate: A gate to your self hosted infrastructure
I still stick to Plugsy for a simple homeserver. It allowes you to use Docker Compose with labels. You will have a fully configured dashboard simply by running compose. I wish more apps allowed configuration through environment vars and labels. The downside is the current bug when proxied: https://github.com/plugsy/core/issues/31 Other than that it's great.
-
Self configuring dashboard based on docker configuration?
Look at plugsy also. I prefer it as It allows for categories where flame only does for links.
- Management of multiple Docker physical hosts & their containers?
-
Feature packed personal dashboard
I also used Heimdall and Homer. I finally settled on Plugsy due to its simplicity. It has no bells and whistles, but is very simple. One config file and the rest is done with Docker labels.
- Landing page for Kubernetes
-
Plugsy V3 Released
See here: https://github.com/plugsy/core/blob/main/docs/agent-mode.md
-
I made a docker dashboard, configured using docker labels
Thought I'd share my most recent creation: autodockerdash
What are some alternatives?
watchtower - A process for automating Docker container base image updates.
easy-gate - A gate to your self hosted infrastructure
Diun - Receive notifications when an image is updated on a Docker registry
Heimdall - An Application dashboard and launcher
wireguard-ui - Wireguard web interface
oneuptime - OneUptime is the complete open-source observability platform.
cadvisor - Analyzes resource usage and performance characteristics of running containers.
homer - A very simple static homepage for your server.
flap
dashy - 🚀 A self-hostable personal dashboard built for you. Includes status-checking, widgets, themes, icon packs, a UI editor and tons more!
docker - â›´ Docker image of Nextcloud
homarr - Customizable browser's home page to interact with your homeserver's Docker containers (e.g. Sonarr/Radarr)