docker-socket-proxy
Proxy over your Docker socket to restrict which requests it accepts (by Tecnativa)
watchman
Watches files and records, or triggers actions, when they change. (by facebook)
Our great sponsors
docker-socket-proxy | watchman | |
---|---|---|
23 | 31 | |
1,192 | 12,248 | |
6.2% | 0.7% | |
5.3 | 9.0 | |
14 days ago | 7 days ago | |
Python | C++ | |
Apache License 2.0 | MIT License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
docker-socket-proxy
Posts with mentions or reviews of docker-socket-proxy.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-05-05.
-
Security for your Homeserver
I just found this the other day. You might be interested I haven't done myself yet https://github.com/Tecnativa/docker-socket-proxy
-
Gitea 1.19.0 released - now with support for Actions
I think you could provide access to the socket using a "docker-socket-proxy" container. It allows other containers to access the docker socket, you can even control which actions are allowed and which are not. You can use a bridge network for the communication to the socket-proxy container, so the socket-proxy container does not need to map/expose any ports. In the other container you need to set the "DOCKER_HOST" env variable accordingly, e.g. "DOCKER_HOST=tcp://mydockersockerproxycontainer:2375". https://github.com/Tecnativa/docker-socket-proxy
-
Unraid Remotely Access Docker Daemon
I use the container docker socket proxy
- Why does next cloud docker installation require access to /var/run/docker.sock (albeit read-only)? Is there a way to circumvent that?
-
Docker socket security
There are Docker socket proxys (like docker-socket-proxy 😉) that are made exactly for this. You can pass only read access to the socket and even restrict what resources can be read.
-
VM with multiple staging hosts GitLab CI?
So far I have Traefik set up and tested (along with some security lockdowns https://github.com/Tecnativa/docker-socket-proxy). This is working well: I can manually create containers, get a cert, dynamic hostnames, etc.
-
Is there any docker dashboard that auto detect the services ?
May be not necessarily: https://github.com/Tecnativa/docker-socket-proxy
-
[How-to] Securing access to your `docker.sock` file.
Many of you might already be familiar with Tecnativa's docker-socket-proxy which says:
-
Basic Traefik configuration tutorial
version: "3.7" services: traefik: image: traefik:v2.6 command: # Entrypoints configuration - --entrypoints.web.address=:80 # Docker provider configuration - --providers.docker=true # Makes sure that services have to explicitly direct Traefik to expose them - --providers.docker.exposedbydefault=false # Use the secure docker socket proxy - --providers.docker.endpoint=tcp://socket_proxy:2375 # Default docker network to use for connections to all containers - --providers.docker.network=traefik_public # Logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. - --log.level=info ports: - 80:80 networks: - traefik_public - socket_proxy restart: unless-stopped depends_on: - socket_proxy # https://github.com/traefik/whoami whoami: image: traefik/whoami:v1.7.1 labels: # Explicitly instruct Traefik to expose this service - traefik.enable=true # Router configuration ## Listen to the `web` entrypoint - traefik.http.routers.whoami_route.entrypoints=web ## Rule based on the Host of the request - traefik.http.routers.whoami_route.rule=Host(`whoami.karvounis.tutorial`) - traefik.http.routers.whoami_route.service=whoami_service # Service configuration ## 80 is the port that the whoami container is listening to - traefik.http.services.whoami_service.loadbalancer.server.port=80 networks: - traefik_public # https://github.com/Tecnativa/docker-socket-proxy # Security-enhanced proxy for the Docker Socket socket_proxy: image: tecnativa/docker-socket-proxy:latest restart: unless-stopped environment: NETWORKS: 1 SERVICES: 1 CONTAINERS: 1 TASKS: 1 volumes: - /var/run/docker.sock:/var/run/docker.sock:ro networks: - socket_proxy networks: traefik_public: external: true socket_proxy: external: true
- docker-socket-proxy - Proxy over your Docker socket to restrict which requests it accepts
watchman
Posts with mentions or reviews of watchman.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-09-22.
- Watchman – A File Watching Service
-
Dev Container for React Native with Expo
postCreateCommand This section permit to execute a command after the build of the container. I've used this command to execute a script to install Expo and other dependencies like watchman
- Using Bun.js as a Bundler
- How To Monitor a Folder On Startup
-
changedetection for file shares
Facebook open source product: https://github.com/facebook/watchman to get notified when configuration, file or other change
- [Media] OnChange: CLI utility to automatically run commands on file change (details in comments)
-
Any else using Meta's née Facebook's Watchman service?
Facebook Meta's Watchman Service looks very useful for watching for changes in files and directories to kick off automation. Still, there seem to be a bunch of gotchas with it that only come to light after trying to mess with it. The docs seem lacking, the Python library needs to be updated, and even the installation on non-Ubuntu or Red Hat distros requires a rebuild, which has been somewhat problematic given the build tools. Also, no official Docker container.
- Show HN: I built a tool to get instant test results (
- Watchman: A File Watching Service
-
Watchman: Execute a command when something changes
Not to be confused with Facebook’s file watch daemon, which does the same sort of thing but is more complicated. There’s a bunch of tools that integrate Facebook’s watchman for more efficient change tracking.
What are some alternatives?
When comparing docker-socket-proxy and watchman you can also consider the following projects:
watchtower - A process for automating Docker container base image updates.
wireguard-ui - Wireguard web interface
nvim-lsp-ts-utils - Utilities to improve the TypeScript development experience for Neovim's built-in LSP client.
Diun - Receive notifications when an image is updated on a Docker registry
watchexec - Executes commands in response to file modifications
cadvisor - Analyzes resource usage and performance characteristics of running containers.
lush.nvim - Create Neovim themes with real-time feedback, export anywhere.
docker - â›´ Docker image of Nextcloud
Lsyncd - Lsyncd (Live Syncing Daemon) synchronizes local directories with remote targets
flap
go-git - A highly extensible Git implementation in pure Go.
docker-socket-proxy vs watchtower
watchman vs wireguard-ui
docker-socket-proxy vs wireguard-ui
watchman vs nvim-lsp-ts-utils
docker-socket-proxy vs Diun
watchman vs watchexec
docker-socket-proxy vs cadvisor
watchman vs lush.nvim
docker-socket-proxy vs docker
watchman vs Lsyncd
docker-socket-proxy vs flap
watchman vs go-git