This container image provides a reverse proxy based on nginx to publish the Docker daemon on 2376/TCP using certificate authentication
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Dockerfile
README.md
entrypoint.sh
proxy.conf

README.md

Supported tags and respective Dockerfile links

Purpose

This container image launches nginx as a reverse proxy. It listens on port 2376/tcp and forwards requests to the local Docker daemon socker /var/run/docker.sock. It does not support insecure connections on 2375/tcp.

Usage

The reverse proxy listens on port 2376/tcp using TLS. All requests are forwarded to the Docker daemon socket which must be mapped:

docker run -d \
    --env CA_CRT=$(cat ca.pem) \
    --env SERVER_KEY=$(cat server_key.pem) \
    --env SERVER_CRT=$(cat server_cert.pem) \
    --net=host
    --volume /var/run/docker.sock:/var/run/docker.sock
    nicholasdille/docker-auth-proxy

The certificates must be created manually before starting the reverse proxy. Please refer to the official documentation how to protect the Docker daemon socket.

The following variables are supported:

CA_CRT

... must contain the PEM formatted certificate for the certificate authority

SERVER_KEY

... must contain the PEM formatted private key for the server certificate

SERVER_CRT

... must contain the PEM formatted server certificate