docker-socket-proxy
Proxy over your Docker socket to restrict which requests it accepts (by Tecnativa)
whoami
Tiny Go server that prints os information and HTTP request to output (by containous)
Our great sponsors
docker-socket-proxy | whoami | |
---|---|---|
23 | 10 | |
1,192 | 913 | |
6.2% | 3.5% | |
5.3 | 4.8 | |
13 days ago | 4 months ago | |
Python | Go | |
Apache License 2.0 | Apache License 2.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
docker-socket-proxy
Posts with mentions or reviews of docker-socket-proxy.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-05-05.
-
Security for your Homeserver
I just found this the other day. You might be interested I haven't done myself yet https://github.com/Tecnativa/docker-socket-proxy
-
Gitea 1.19.0 released - now with support for Actions
I think you could provide access to the socket using a "docker-socket-proxy" container. It allows other containers to access the docker socket, you can even control which actions are allowed and which are not. You can use a bridge network for the communication to the socket-proxy container, so the socket-proxy container does not need to map/expose any ports. In the other container you need to set the "DOCKER_HOST" env variable accordingly, e.g. "DOCKER_HOST=tcp://mydockersockerproxycontainer:2375". https://github.com/Tecnativa/docker-socket-proxy
-
Unraid Remotely Access Docker Daemon
I use the container docker socket proxy
- Why does next cloud docker installation require access to /var/run/docker.sock (albeit read-only)? Is there a way to circumvent that?
-
Docker socket security
There are Docker socket proxys (like docker-socket-proxy 😉) that are made exactly for this. You can pass only read access to the socket and even restrict what resources can be read.
-
VM with multiple staging hosts GitLab CI?
So far I have Traefik set up and tested (along with some security lockdowns https://github.com/Tecnativa/docker-socket-proxy). This is working well: I can manually create containers, get a cert, dynamic hostnames, etc.
-
Is there any docker dashboard that auto detect the services ?
May be not necessarily: https://github.com/Tecnativa/docker-socket-proxy
-
[How-to] Securing access to your `docker.sock` file.
Many of you might already be familiar with Tecnativa's docker-socket-proxy which says:
-
Basic Traefik configuration tutorial
version: "3.7" services: traefik: image: traefik:v2.6 command: # Entrypoints configuration - --entrypoints.web.address=:80 # Docker provider configuration - --providers.docker=true # Makes sure that services have to explicitly direct Traefik to expose them - --providers.docker.exposedbydefault=false # Use the secure docker socket proxy - --providers.docker.endpoint=tcp://socket_proxy:2375 # Default docker network to use for connections to all containers - --providers.docker.network=traefik_public # Logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. - --log.level=info ports: - 80:80 networks: - traefik_public - socket_proxy restart: unless-stopped depends_on: - socket_proxy # https://github.com/traefik/whoami whoami: image: traefik/whoami:v1.7.1 labels: # Explicitly instruct Traefik to expose this service - traefik.enable=true # Router configuration ## Listen to the `web` entrypoint - traefik.http.routers.whoami_route.entrypoints=web ## Rule based on the Host of the request - traefik.http.routers.whoami_route.rule=Host(`whoami.karvounis.tutorial`) - traefik.http.routers.whoami_route.service=whoami_service # Service configuration ## 80 is the port that the whoami container is listening to - traefik.http.services.whoami_service.loadbalancer.server.port=80 networks: - traefik_public # https://github.com/Tecnativa/docker-socket-proxy # Security-enhanced proxy for the Docker Socket socket_proxy: image: tecnativa/docker-socket-proxy:latest restart: unless-stopped environment: NETWORKS: 1 SERVICES: 1 CONTAINERS: 1 TASKS: 1 volumes: - /var/run/docker.sock:/var/run/docker.sock:ro networks: - socket_proxy networks: traefik_public: external: true socket_proxy: external: true
- docker-socket-proxy - Proxy over your Docker socket to restrict which requests it accepts
whoami
Posts with mentions or reviews of whoami.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-01-07.
-
Analyzing HTTPS traffic between traefik and services
What do you want to see? If it's about the request and the headers, you could run a whoami service as target to see the headers.
-
Authentik Plex SSO
Testing the expression in the linked GH issue it definitely works when using a whoami type backend (https://github.com/traefik/whoami) which just shows all the headers that are being sent.
-
AWS Lightsail Container Services with Reverse Proxy
An app called whoami. This is a dead simple go app that spits back header and IP information.
-
What's the best beginners guide to self hosting Nextcloud?
Example ``` FROM golang:1-alpine as builder
-
Forwarding real IP when running as a container
Use whoami to check yourself.
-
Unable to attach services to traefik with docker swarm
Launch a simple test container with the labels to see if traefik picks it up and routes according to the domain.
-
UDM NAT/Port-Forward not showing source IP
Unfortunately still doesn't work, even bypassing NGINX and just using a simple whoami go web server (https://github.com/traefik/whoami) directly running on linux (no docker) it's still reporting the RemoteAddr as 192.168.100.1:52061, this should be the IP address of the client.
-
trying to get traefik to work.
version: '3.9' services: traefik: image: traefik:v2.6 command: - --providers.docker - --entrypoints.web.address=:80 - --entrypoints.websecure.address=:443 ports: - "80:80" - "443:443" volumes: - /var/run/docker.sock:/var/run/docker.sock whoami: image: traefik/whoami # https://github.com/traefik/whoami command: -name whoami labels: traefik.http.routers.whoami.rule: Host(`whoami.localhost`)
-
Basic Traefik configuration tutorial
version: "3.7" services: traefik: image: traefik:v2.6 command: # Entrypoints configuration - --entrypoints.web.address=:80 # Docker provider configuration - --providers.docker=true # Makes sure that services have to explicitly direct Traefik to expose them - --providers.docker.exposedbydefault=false # Use the secure docker socket proxy - --providers.docker.endpoint=tcp://socket_proxy:2375 # Default docker network to use for connections to all containers - --providers.docker.network=traefik_public # Logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. - --log.level=info ports: - 80:80 networks: - traefik_public - socket_proxy restart: unless-stopped depends_on: - socket_proxy # https://github.com/traefik/whoami whoami: image: traefik/whoami:v1.7.1 labels: # Explicitly instruct Traefik to expose this service - traefik.enable=true # Router configuration ## Listen to the `web` entrypoint - traefik.http.routers.whoami_route.entrypoints=web ## Rule based on the Host of the request - traefik.http.routers.whoami_route.rule=Host(`whoami.karvounis.tutorial`) - traefik.http.routers.whoami_route.service=whoami_service # Service configuration ## 80 is the port that the whoami container is listening to - traefik.http.services.whoami_service.loadbalancer.server.port=80 networks: - traefik_public # https://github.com/Tecnativa/docker-socket-proxy # Security-enhanced proxy for the Docker Socket socket_proxy: image: tecnativa/docker-socket-proxy:latest restart: unless-stopped environment: NETWORKS: 1 SERVICES: 1 CONTAINERS: 1 TASKS: 1 volumes: - /var/run/docker.sock:/var/run/docker.sock:ro networks: - socket_proxy networks: traefik_public: external: true socket_proxy: external: true
-
How to Bake A Python Package Cake🐍+📦=🎂
Pywhoami is inspired by the whoami Go server by Traefik Labs. Send a request to one of the endpoints to get back details from your HTTP request. With pywhoami you can help answer questions like, what headers were added to my original request by a proxy server.
What are some alternatives?
When comparing docker-socket-proxy and whoami you can also consider the following projects:
watchtower - A process for automating Docker container base image updates.
traefik-tutorial-docker-compose-files
wireguard-ui - Wireguard web interface
traefik - The Cloud Native Application Proxy
Diun - Receive notifications when an image is updated on a Docker registry
make-my-server - Docker Compose with Traefik and lots of services
cadvisor - Analyzes resource usage and performance characteristics of running containers.
sampleproject - A sample project that exists for PyPUG's "Tutorial on Packaging and Distributing Projects"
docker - ⛴ Docker image of Nextcloud
pywhoami - A Simple HTTP Request Analysis Server
flap
maisonneux - Personal collection of stacks for a home server
docker-socket-proxy vs watchtower
whoami vs traefik-tutorial-docker-compose-files
docker-socket-proxy vs wireguard-ui
whoami vs traefik
docker-socket-proxy vs Diun
whoami vs make-my-server
docker-socket-proxy vs cadvisor
whoami vs sampleproject
docker-socket-proxy vs docker
whoami vs pywhoami
docker-socket-proxy vs flap
whoami vs maisonneux