Proxy over your Docker socket to restrict which requests it accepts (by Tecnativa)

Docker-socket-proxy Alternatives

Similar projects and alternatives to docker-socket-proxy

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better docker-socket-proxy alternative or higher similarity.

docker-socket-proxy reviews and mentions

Posts with mentions or reviews of docker-socket-proxy. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-05-05.
  • Security for your Homeserver
    4 projects | | 5 May 2023
    I just found this the other day. You might be interested I haven't done myself yet
  • Gitea 1.19.0 released - now with support for Actions
    2 projects | | 20 Mar 2023
    I think you could provide access to the socket using a "docker-socket-proxy" container. It allows other containers to access the docker socket, you can even control which actions are allowed and which are not. You can use a bridge network for the communication to the socket-proxy container, so the socket-proxy container does not need to map/expose any ports. In the other container you need to set the "DOCKER_HOST" env variable accordingly, e.g. "DOCKER_HOST=tcp://mydockersockerproxycontainer:2375".
  • Is there any docker dashboard that auto detect the services ?
    5 projects | | 8 Sep 2022
    May be not necessarily:
  • Basic Traefik configuration tutorial
    4 projects | | 12 Feb 2022
    version: "3.7" services: traefik: image: traefik:v2.6 command: # Entrypoints configuration - --entrypoints.web.address=:80 # Docker provider configuration - --providers.docker=true # Makes sure that services have to explicitly direct Traefik to expose them - --providers.docker.exposedbydefault=false # Use the secure docker socket proxy - --providers.docker.endpoint=tcp://socket_proxy:2375 # Default docker network to use for connections to all containers - # Logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. - --log.level=info ports: - 80:80 networks: - traefik_public - socket_proxy restart: unless-stopped depends_on: - socket_proxy # whoami: image: traefik/whoami:v1.7.1 labels: # Explicitly instruct Traefik to expose this service - traefik.enable=true # Router configuration ## Listen to the `web` entrypoint - traefik.http.routers.whoami_route.entrypoints=web ## Rule based on the Host of the request - traefik.http.routers.whoami_route.rule=Host(`whoami.karvounis.tutorial`) - traefik.http.routers.whoami_route.service=whoami_service # Service configuration ## 80 is the port that the whoami container is listening to - networks: - traefik_public # # Security-enhanced proxy for the Docker Socket socket_proxy: image: tecnativa/docker-socket-proxy:latest restart: unless-stopped environment: NETWORKS: 1 SERVICES: 1 CONTAINERS: 1 TASKS: 1 volumes: - /var/run/docker.sock:/var/run/docker.sock:ro networks: - socket_proxy networks: traefik_public: external: true socket_proxy: external: true
  • Traefik Docker Protector
    2 projects | | 20 Jan 2022
    tecnativa's docker-socket-proxy does roughly the same thing but can be used for any container that requires access to the Docker socket.
  • How to properly secure the server?
    5 projects | | 16 Nov 2021
  • Monitoring app releases and updates..
    3 projects | | 20 Oct 2021
    Have you checked-out any socket proxies? Instead of exposing the socket though a volume, it’s done through the local docker network through the proxy container. This allows you to enable/disable access to the socket API using environmental variables. This is the image I’m using:
  • Worry for Synology?
    2 projects | | 5 Jul 2021
    Docker’s root privileges are only a problem if you grant your container unrestricted access to the docker socket /var/run/docker.sock. For containers that need it, there are strategies to limit access only to the APIs that the container actually needs by using the docker-socket-proxy.
  • How to begin with Docker if I want the best security for my websites?
    3 projects | | 16 May 2021
  • This is why I don't blindly suggest people to selfhost their Bitwarden account. Unless: 1. You are experienced and know what you are doing 2. You have time to setup and maintain it 3. You have your own trusted people to maintain it
    2 projects | | 15 May 2021
    I wish more people understood this. You may be interested in
  • A note from our sponsor - ONLYOFFICE | 31 May 2023
    Powerful document editing and collaboration in your app or environment. Ultimate security, API and 30+ ready connectors, SaaS or on-premises Learn more →


Basic docker-socket-proxy repo stats
about 2 months ago
Write Clean Python Code. Always.
Sonar helps you commit clean code every time. With over 225 unique rules to find Python bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work.