This container image provides a reverse proxy based on nginx to publish the Docker daemon on 2376/TCP using certificate authentication
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Supported tags and respective Dockerfile links


This container image launches nginx as a reverse proxy. It listens on port 2376/tcp and forwards requests to the local Docker daemon socker /var/run/docker.sock. It does not support insecure connections on 2375/tcp.


The reverse proxy listens on port 2376/tcp using TLS. All requests are forwarded to the Docker daemon socket which must be mapped:

docker run -d \
    --env CA_CRT=$(cat ca.pem) \
    --env SERVER_KEY=$(cat server_key.pem) \
    --env SERVER_CRT=$(cat server_cert.pem) \
    --volume /var/run/docker.sock:/var/run/docker.sock

The certificates must be created manually before starting the reverse proxy. Please refer to the official documentation how to protect the Docker daemon socket.

The following variables are supported:


... must contain the PEM formatted certificate for the certificate authority


... must contain the PEM formatted private key for the server certificate


... must contain the PEM formatted server certificate