Commit 4634955

committed

sec: adding a proxy for docker socket

Portainer will now use the tcp 2375 of the container dockerproxy instead of the docker socket directly

1 parent 4a045da commit 4634955Copy full SHA for 4634955

File tree

1 file changed

+51

-1

lines changed

portainer
- docker-compose.yml

1 file changed

+51

-1

lines changed

`‎portainer/docker-compose.yml`

Lines changed: 51 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -1,10 +1,51 @@`
`1`	`1`	`---`
`2`	`2`
`3`	`3`	`services:`
	`4`	`+ dockerproxy:`
	`5`	`+ image: tecnativa/docker-socket-proxy:edge`
	`6`	`+ restart: always`
	`7`	`+ container_name: dockerproxy`
	`8`	`+ networks:`
	`9`	`+ - dockerproxynet`
	`10`	`+ volumes:`
	`11`	`+ - /var/run/docker.sock:/var/run/docker.sock:ro`
	`12`	`+ environment:`
	`13`	`+ LOG_LEVEL: info`
	`14`	`+ # 0 to revoke access / 1 to grant access.`
	`15`	`+ ## Granted by Default`
	`16`	`+ EVENTS: 1`
	`17`	`+ PING: 1`
	`18`	`+ VERSION: 1`
	`19`	`+ ## Revoked by Default`
	`20`	`+ # Security critical`
	`21`	`+ AUTH: 0`
	`22`	`+ SECRETS: 0`
	`23`	`+ # Not always needed`
	`24`	`+ BUILD: 0`
	`25`	`+ COMMIT: 0`
	`26`	`+ CONFIGS: 0`
	`27`	`+ CONTAINERS: 1 # Traefik, portainer, etc.`
	`28`	`+ DISTRIBUTION: 0`
	`29`	`+ EXEC: 0`
	`30`	`+ IMAGES: 1 # Portainer`
	`31`	`+ INFO: 1 # Portainer`
	`32`	`+ NETWORKS: 1 # Portainer`
	`33`	`+ NODES: 0`
	`34`	`+ PLUGINS: 0`
	`35`	`+ SERVICES: 1 # Portainer`
	`36`	`+ SESSION: 0`
	`37`	`+ SWARM: 0`
	`38`	`+ SYSTEM: 0`
	`39`	`+ TASKS: 1 # Portainer`
	`40`	`+ VOLUMES: 1 # Portainer`
	`41`	`+ TZ: "Europe/Paris"`
	`42`	`+`
`4`	`43`	`portainer:`
`5`	`44`	`image: portainer/${VERSION}`
`6`	`45`	`restart: unless-stopped`
`7`		`- command: -H unix:///var/run/docker.sock`
	`46`	`+ networks:`
	`47`	`+ - dockerproxynet`
	`48`	`+ command: ["-H", "tcp://dockerproxy:2375"]`
`8`	`49`	`ports:`
`9`	`50`	`- 9000:9000`
`10`	`51`	`volumes:`
`@@ -13,6 +54,15 @@ services:`
`13`	`54`	`- dataportainer:/data`
`14`	`55`	`environment:`
`15`	`56`	`TZ: "Europe/Paris"`
	`57`	`+ depends_on:`
	`58`	`+ - dockerproxy`
`16`	`59`
`17`	`60`	`volumes:`
`18`	`61`	`dataportainer:`
	`62`	`+`
	`63`	`+networks:`
	`64`	`+ dockerproxynet:`
	`65`	`+ name: dockerproxynet`
	`66`	`+ ipam:`
	`67`	`+ config:`
	`68`	`+ - subnet: 172.16.10.0/24`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit 4634955

File tree

1 file changed

1 file changed

`‎portainer/docker-compose.yml`

0 commit comments