pivpn
docker-socket-proxy
Our great sponsors
pivpn | docker-socket-proxy | |
---|---|---|
311 | 23 | |
6,871 | 1,200 | |
3.0% | 6.8% | |
5.8 | 5.3 | |
13 days ago | 12 days ago | |
Shell | Python | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pivpn
- PiVPN v4.6.0: The End
-
Network setup for remote access
PiVPN for classic VPN software https://pivpn.io - Wireguard would be my choice
-
Can't get it to run after installation, although running vpn from this pi before
Linux retropie 5.10.103-v7l+ #1529 SMP Tue Mar 8 12:24:00 GMT 2022 armv7l GNU/Linux
-
Easy VPN install on Debian
Wondering what people are using these days to get a VPN (Wireguard?) up and running easily. Is Wireguard itself simple enough that one can just ... do this? I'm thinking of something like PiVPN which does appear to still exist but I'm unsure of how up-to-date it is. Specifically, I like terminal commands just fine, but would prefer not to have to manually configure a basic VPN (internet gateway) and its associated profiles/certificates.
- LAN-to-LAN VPN
-
setting up remote access for homelab
A real simple way is pivpn in a vm. Super easy to set up and manage users. https://github.com/pivpn/pivpn
- Festplatten / NAS die sich via Cloud synchronisieren?
- Wireguard without VPS?
-
Remote Access
They're easily set up via the guided PiVPN installation script. Should work on everything that's Debian-based, not just on Rasbian running on a Pi.
-
Build your own private WireGuard VPN with PiVPN
under Features in [1]:
* Doesn't need to be a Raspberry Pi™, It runs on any x86_64 system
[1] https://pivpn.io/
docker-socket-proxy
-
Security for your Homeserver
I just found this the other day. You might be interested I haven't done myself yet https://github.com/Tecnativa/docker-socket-proxy
-
Gitea 1.19.0 released - now with support for Actions
I think you could provide access to the socket using a "docker-socket-proxy" container. It allows other containers to access the docker socket, you can even control which actions are allowed and which are not. You can use a bridge network for the communication to the socket-proxy container, so the socket-proxy container does not need to map/expose any ports. In the other container you need to set the "DOCKER_HOST" env variable accordingly, e.g. "DOCKER_HOST=tcp://mydockersockerproxycontainer:2375". https://github.com/Tecnativa/docker-socket-proxy
-
Unraid Remotely Access Docker Daemon
I use the container docker socket proxy
- Why does next cloud docker installation require access to /var/run/docker.sock (albeit read-only)? Is there a way to circumvent that?
-
Docker socket security
There are Docker socket proxys (like docker-socket-proxy 😉) that are made exactly for this. You can pass only read access to the socket and even restrict what resources can be read.
-
VM with multiple staging hosts GitLab CI?
So far I have Traefik set up and tested (along with some security lockdowns https://github.com/Tecnativa/docker-socket-proxy). This is working well: I can manually create containers, get a cert, dynamic hostnames, etc.
-
Is there any docker dashboard that auto detect the services ?
May be not necessarily: https://github.com/Tecnativa/docker-socket-proxy
-
[How-to] Securing access to your `docker.sock` file.
Many of you might already be familiar with Tecnativa's docker-socket-proxy which says:
-
Basic Traefik configuration tutorial
version: "3.7" services: traefik: image: traefik:v2.6 command: # Entrypoints configuration - --entrypoints.web.address=:80 # Docker provider configuration - --providers.docker=true # Makes sure that services have to explicitly direct Traefik to expose them - --providers.docker.exposedbydefault=false # Use the secure docker socket proxy - --providers.docker.endpoint=tcp://socket_proxy:2375 # Default docker network to use for connections to all containers - --providers.docker.network=traefik_public # Logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. - --log.level=info ports: - 80:80 networks: - traefik_public - socket_proxy restart: unless-stopped depends_on: - socket_proxy # https://github.com/traefik/whoami whoami: image: traefik/whoami:v1.7.1 labels: # Explicitly instruct Traefik to expose this service - traefik.enable=true # Router configuration ## Listen to the `web` entrypoint - traefik.http.routers.whoami_route.entrypoints=web ## Rule based on the Host of the request - traefik.http.routers.whoami_route.rule=Host(`whoami.karvounis.tutorial`) - traefik.http.routers.whoami_route.service=whoami_service # Service configuration ## 80 is the port that the whoami container is listening to - traefik.http.services.whoami_service.loadbalancer.server.port=80 networks: - traefik_public # https://github.com/Tecnativa/docker-socket-proxy # Security-enhanced proxy for the Docker Socket socket_proxy: image: tecnativa/docker-socket-proxy:latest restart: unless-stopped environment: NETWORKS: 1 SERVICES: 1 CONTAINERS: 1 TASKS: 1 volumes: - /var/run/docker.sock:/var/run/docker.sock:ro networks: - socket_proxy networks: traefik_public: external: true socket_proxy: external: true
- docker-socket-proxy - Proxy over your Docker socket to restrict which requests it accepts
What are some alternatives?
tailscale - The easiest, most secure way to use WireGuard and 2FA.
watchtower - A process for automating Docker container base image updates.
docker-wireguard
Diun - Receive notifications when an image is updated on a Docker registry
wg-easy - The easiest way to run WireGuard VPN + Web-based Admin UI. [Moved to: https://github.com/wg-easy/wg-easy]
wireguard-ui - Wireguard web interface
wg-easy - The easiest way to run WireGuard VPN + Web-based Admin UI.
cadvisor - Analyzes resource usage and performance characteristics of running containers.
wireguard-windows - Download WireGuard for Windows at https://www.wireguard.com/install . This repo is a mirror only. Official repository is at https://git.zx2c4.com/wireguard-windows
flap
OpenVPN - OpenVPN is an open source VPN daemon
docker - ⛴ Docker image of Nextcloud