Skip to content
This repository has been archived by the owner on Jul 20, 2022. It is now read-only.

homecentr/docker-portainer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

45 Commits
.github
.github
 
 
fs/etc
fs/etc
 
 
tests
tests
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
.releaserc
.releaserc
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
docker-compose.yml
docker-compose.yml
 
 
package.json
package.json
 
 

Repository files navigation

Project status

CI/CD on master

HomeCentr - Portainer

This docker image is a repack of the original Portainer compliant with the HomeCenter docker images standard (S6 overlay, privilege drop etc.).

Usage

version: "3.7"
services:
  portainer:
    build: .
    image: homecentr/portainer
    restart: unless-stopped
    environment:
      PORTAINER_ARGS: "--no-auth"
      WAIT_FOR_NS_RECORD: "tasks.agent"
      WAIT_FOR_NS_RECORD_TIMEOUT: 30
    healthcheck:
      start_period: 40s    
    ports:
      - "9000:9000/tcp"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

Environment variables

Name Default value Description
PUID 7077 UID of the user portainer should be running as. The UID must have sufficient rights to read from the Docker socket.
PGID 7077 GID of the user portainer should be running as. You must set the PUID if you want to set the PGID variable.
PORTAINER_ARGS Command line arguments to the Portainer executable. By default the logs are redirected to the container output
WAIT_FOR_NS_RECORD DNS record which should be successfully resolved before starting the Portainer. This is useful when running the container in Docker Swarm and using the tasks. DNS alias to automatically discover agents. If the DNS record cannot be resolved when the container is starting, the execution fails.
WAIT_FOR_NS_RECORD_TIMEOUT 20 Timeout of how long the container will try to wait for the DNS record to be successfully resolved.

When using the wait for NS record functionality, you must set the health check by the start period as shown in the example above to approximately 10 seconds + NS record timeout. This can be done by .healthcheck.start_period property in your compose file or by command line arguments. If you don't do this, the health check may start before the portainer process starts which would cause the health check to fail and therefore infinite restart loop of the container.

Exposed ports

Port Protocol Description
9000 TCP Web UI
8000 TCP Used for edge agent functionality only and therefore it is not explicitly exposed in the Docker image.

Volumes

Container path Description
/data Portainer data

Make sure you mount the Docker socket when using outside of Docker swarm.

Security

The container is regularly scanned for vulnerabilities and updated. Further info can be found in the Security tab.

Container user

The container supports privilege drop. Even though the container starts as root, it will use the permissions only to perform the initial set up. The portainer process runs as UID/GID provided in the PUID and PGID environment variables.

⚠️ Do not change the container user directly using the user Docker compose property or using the --user argument. This would break the privilege drop logic.

💡 To grant a user the permission to read Docker socket, you can set the PGID to the ID of the docker group on host.

About

homecentr.github.io

Topics

docker-image docker-swarm portainer homecentr

Resources

Readme

License

MIT license

Security policy

Security policy
Activity
Custom properties

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases 20

v2.1.1 Latest
Sep 2, 2021
+ 19 releases

Packages

 
 
 

Contributors 3

  •  
  •  
  •  

Languages