congsh/Arch1Panel
1
0
Fork 0
mirror of https://github.com/arch3rPro/1Panel-Appstore.git synced 2026-04-15 00:17:12 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat(docker-socket-proxy): 添加 docker-socket-proxy 应用支持

Browse Source
This commit is contained in:
arch3rPro
2025-12-16 02:24:53 +08:00
parent 39ba5fb80a
commit 594fd20704
9 changed files with 934 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
README.md
View File

@@ -881,6 +881,15 @@ AI驱动的开源代码知识库与文档协作平台支持多模型、多数
</td>
<td width="33%" align="center">
<a href="./apps/docker-socket-proxy/README.md">
<img src="./apps/docker-socket-proxy/logo.png" width="60" height="60" alt="Docker-Socket-Proxy">
<br><b>Docker-Socket-Proxy</b>
</a>
🔒 Docker socket代理支持访问规则限制和权限控制
<kbd>3.2.9</kbd> • [官网链接](https://github.com/Tecnativa/docker-socket-proxy)
</td>
</tr>
</table>

330
apps/docker-socket-proxy/3.2.9/data.yml Normal file
View File

@@ -0,0 +1,330 @@
additionalProperties:
formFields:
- default: "2375"
envKey: PANEL_APP_PORT_HTTP
required: true
type: number
labelEn: Port
labelZh: 端口
edit: true
rule: paramPort
- default: "0"
envKey: ALLOW_START
required: false
type: select
labelEn: ALLOW_START
labelZh: ALLOW_START允许启动
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: ALLOW_STOP
required: false
type: select
labelEn: ALLOW_STOP
labelZh: ALLOW_STOP允许停止
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: ALLOW_RESTARTS
required: false
type: select
labelEn: ALLOW_RESTARTS
labelZh: ALLOW_RESTARTS允许重启
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: AUTH
required: false
type: select
labelEn: AUTH
labelZh: AUTH认证
values:
- label: 0-关闭
value: "0"
- label: 1-开启
value: "1"
- default: "0"
envKey: BUILD
required: false
type: select
labelEn: BUILD
labelZh: BUILD构建
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: COMMIT
required: false
type: select
labelEn: COMMIT
labelZh: COMMIT提交
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: CONFIGS
required: false
type: select
labelEn: CONFIGS
labelZh: CONFIGS配置
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: CONTAINERS
required: false
type: select
labelEn: CONTAINERS
labelZh: CONTAINERS容器
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: DISABLE_IPV6
required: false
type: select
labelEn: DISABLE_IPV6
labelZh: DISABLE_IPV6禁用IPv6
values:
- label: 0-关闭
value: "0"
- label: 1-开启
value: "1"
- default: "0"
envKey: DISTRIBUTION
required: false
type: select
labelEn: DISTRIBUTION
labelZh: DISTRIBUTION镜像分发
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "1"
envKey: EVENTS
required: false
type: select
labelEn: EVENTS
labelZh: EVENTS事件
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: EXEC
required: false
type: select
labelEn: EXEC
labelZh: EXEC执行
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: IMAGES
required: false
type: select
labelEn: IMAGES
labelZh: IMAGES镜像
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: INFO
required: false
type: select
labelEn: INFO
labelZh: INFO信息
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "info"
envKey: LOG_LEVEL
required: false
type: select
labelEn: LOG_LEVEL
labelZh: LOG_LEVEL日志级别
values:
- label: debug-调试
value: "debug"
- label: info-信息
value: "info"
- label: notice-通知
value: "notice"
- label: warning-警告
value: "warning"
- label: err-错误
value: "err"
- label: crit-严重
value: "crit"
- label: alert-警报
value: "alert"
- label: emerg-紧急
value: "emerg"
- default: "0"
envKey: NETWORKS
required: false
type: select
labelEn: NETWORKS
labelZh: NETWORKS网络
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: NODES
required: false
type: select
labelEn: NODES
labelZh: NODES节点
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "1"
envKey: PING
required: false
type: select
labelEn: PING
labelZh: PING探针/PING
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: PLUGINS
required: false
type: select
labelEn: PLUGINS
labelZh: PLUGINS插件
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: POST
required: false
type: select
labelEn: POST
labelZh: POSTPOST请求
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: SECRETS
required: false
type: select
labelEn: SECRETS
labelZh: SECRETS机密/Secrets
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: SERVICES
required: false
type: select
labelEn: SERVICES
labelZh: SERVICES服务
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: SESSION
required: false
type: select
labelEn: SESSION
labelZh: SESSION会话
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: SWARM
required: false
type: select
labelEn: SWARM
labelZh: SWARMSwarm集群
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: SYSTEM
required: false
type: select
labelEn: SYSTEM
labelZh: SYSTEM系统
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: TASKS
required: false
type: select
labelEn: TASKS
labelZh: TASKS任务
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "1"
envKey: VERSION
required: false
type: select
labelEn: VERSION
labelZh: VERSION版本
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: VOLUMES
required: false
type: select
labelEn: VOLUMES
labelZh: VOLUMES
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"

49
apps/docker-socket-proxy/3.2.9/docker-compose.yml Normal file
View File

@@ -0,0 +1,49 @@
services:
socket-proxy:
image: ghcr.io/linuxserver/socket-proxy:3.2.9
container_name: ${CONTAINER_NAME}
environment:
- ALLOW_START=${ALLOW_START}
- ALLOW_STOP=${ALLOW_STOP}
- ALLOW_RESTARTS=${ALLOW_RESTARTS}
- AUTH=${AUTH}
- BUILD=${BUILD}
- COMMIT=${COMMIT}
- CONFIGS=${CONFIGS}
- CONTAINERS=${CONTAINERS}
- DISABLE_IPV6=${DISABLE_IPV6}
- DISTRIBUTION=${DISTRIBUTION}
- EVENTS=${EVENTS}
- EXEC=${EXEC}
- IMAGES=${IMAGES}
- INFO=${INFO}
- LOG_LEVEL=${LOG_LEVEL}
- NETWORKS=${NETWORKS}
- NODES=${NODES}
- PING=${PING}
- PLUGINS=${PLUGINS}
- POST=${POST}
- SECRETS=${SECRETS}
- SERVICES=${SERVICES}
- SESSION=${SESSION}
- SWARM=${SWARM}
- SYSTEM=${SYSTEM}
- TASKS=${TASKS}
- TZ=Etc/UTC
- VERSION=${VERSION}
- VOLUMES=${VOLUMES}
ports:
- ${PANEL_APP_PORT_HTTP}:2375
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
restart: always
read_only: true
tmpfs:
- /run
networks:
- 1panel-network
labels:
createdBy: Apps
networks:
1panel-network:
external: true

71
apps/docker-socket-proxy/README.md Normal file
View File

@@ -0,0 +1,71 @@
# Docker-Socket-Proxy
Socket Proxy是一个安全增强型代理允许您对Docker socket应用访问规则从而限制需要使用它的容器的攻击面如watchtower或Traefik等容器。
![](https://img.shields.io/badge/Copyright-arch3rPro-ff9800?style=flat&logo=github&logoColor=white)
## 应用设置
此容器在概念上基于[https://github.com/Tecnativa/docker-socket-proxy](https://github.com/Tecnativa/docker-socket-proxy)因此不遵循我们通常的容器约定。它不支持mods或自定义脚本/服务也不能以非root用户或rootless环境中的docker用户身份运行。它旨在作为Tecnativa容器的直接替代品运行。
容器应在与服务使用它的同一docker网络上运行。通常会连接到挂载的docker.sock的大多数容器如果不提供配置选项可以使用`DOCKER_HOST`环境变量覆盖其端点;通常应指向`tcp://socket-proxy:2375`
* 永远不要将此容器的端口暴露给公共网络。它应该被视为与docker socket或TCP端点相同的方式处理。
* 撤销对您认为服务不需要的任何API部分的访问。
* 要查看Docker守护进程和客户端支持的API版本请使用`docker version`并检查`API version`
* [阅读文档](https://docs.docker.com/engine/api/)以了解您正在使用的API版本的可用端点说明。
## 只读操作
此镜像可以与只读容器文件系统一起运行。详细信息请[阅读文档](https://docs.linuxserver.io/misc/read-only/)。
## 参数
容器使用运行时传递的参数进行配置(如上所述)。这些参数用冒号分隔,分别表示`<外部>:<内部>`。例如,`-p 8080:80`将暴露容器内部的端口`80`使其可从容器外部主机的IP上的端口`8080`访问。
| 参数 | 功能 |
| :----: | --- |
| `-e ALLOW_START=0` | `/containers/{id}/start` - **即使`POST=0`此选项也将生效** |
| `-e ALLOW_STOP=0` | `/containers/{id}/stop` - **即使`POST=0`此选项也将生效** |
| `-e ALLOW_RESTARTS=0` | `/containers/{id}/stop``/containers/{id}/restart``/containers/{id}/kill` - **即使`POST=0`此选项也将生效** |
| `-e AUTH=0` | `/auth` |
| `-e BUILD=0` | `/build` |
| `-e COMMIT=0` | `/commit` |
| `-e CONFIGS=0` | `/configs` |
| `-e CONTAINERS=0` | `/containers` |
| `-e DISTRIBUTION=0` | `/distribution` |
| `-e DISABLE_IPV6=0` | 设置为`1`以防止绑定到IPv6接口适用于无法支持IPv6的旧系统。 |
| `-e EVENTS=1` | `/events` |
| `-e EXEC=0` | `/exec``/containers/{id}/exec` |
| `-e IMAGES=0` | `/images` |
| `-e INFO=0` | `/info` |
| `-e LOG_LEVEL=info` | 可能的值debug、info、notice、warning、err、crit、alert和emerg。默认为info。 |
| `-e NETWORKS=0` | `/networks` |
| `-e NODES=0` | `/nodes` |
| `-e PING=1` | `/_ping` |
| `-e PLUGINS=0` | `/plugins` |
| `-e POST=0` | 设置为`0`时,仅允许`GET``HEAD`操作使API访问变为只读。 |
| `-e SECRETS=0` | `/secrets` |
| `-e SERVICES=0` | `/services` |
| `-e SESSION=0` | `/session` |
| `-e SWARM=0` | `/swarm` |
| `-e SYSTEM=0` | `/system` |
| `-e TASKS=0` | `/tasks` |
| `-e TZ=Etc/UTC` | `设置容器时区` |
| `-e VERSION=1` | `/version` |
| `-e VOLUMES=0` | `/volumes` |
| `-v /var/run/docker.sock:ro` | 将主机docker socket挂载到容器中。 |
| `--read-only` | 使容器文件系统为只读。 |
| `--tmpfs /run` | 将/run挂载到tmpfsRAM中以使其可写。 |
### 参数建议
如果需要将docker socket代理作为服务运行建议配置以下参数以获得完整功能
- `CONTAINERS=1` - 允许容器操作
- `NETWORKS=1` - 允许网络操作
- `EVENTS=1` - 启用事件监控
- `PING=1` - 允许ping操作
- `POST=1` - 允许写操作(创建、修改、删除)
这些参数组合提供了完整的Docker API访问能力适用于大多数容器管理场景。

71
apps/docker-socket-proxy/README_en.md Normal file
View File

@@ -0,0 +1,71 @@
# Docker-Socket-Proxy
The Socket Proxy is a security-enhanced proxy which allows you to apply access rules to the Docker socket, limiting the attack surface for containers such as watchtower or Traefik that need to use it.
![](https://img.shields.io/badge/Copyright-arch3rPro-ff9800?style=flat&logo=github&logoColor=white)
## Application Setup
This container is conceptually based on [https://github.com/Tecnativa/docker-socket-proxy](https://github.com/Tecnativa/docker-socket-proxy) and as such does not follow our usual container conventions. It *does not* support mods or custom scripts/services, or running as a user other than root (or the docker user in a rootless environment). It is designed to act as a drop-in replacement for the Tecnativa container.
The container should be run on the same docker network as the service(s) using it. Most containers that would normally connect to a mounted docker.sock can have their endpoint overridden using the `DOCKER_HOST` environment variable if they do not offer the option in their configuration; it should typically be pointed to `tcp://socket-proxy:2375`.
* Never expose this container's port to a public network. It should be treated the same way you would treat the docker socket or TCP endpoint.
* Revoke access to any API section that you consider your service should not need.
* To see the versions of the API your Docker daemon and client support, use `docker version` and check the `API version`.
* [Read the docs](https://docs.docker.com/engine/api/) for the API version you are using for an explanation of all the available endpoints.
## Read-Only Operation
This image can be run with a read-only container filesystem. For details please [read the docs](https://docs.linuxserver.io/misc/read-only/).
## Parameters
Containers are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate `<external>:<internal>` respectively. For example, `-p 8080:80` would expose port `80` from inside the container to be accessible from the host's IP on port `8080` outside the container.
| Parameter | Function |
| :----: | --- |
| `-e ALLOW_START=0` | `/containers/{id}/start` - **This option will work even if `POST=0`** |
| `-e ALLOW_STOP=0` | `/containers/{id}/stop` - **This option will work even if `POST=0`** |
| `-e ALLOW_RESTARTS=0` | `/containers/{id}/stop`, `/containers/{id}/restart`, and `/containers/{id}/kill` - **This option will work even if `POST=0`** |
| `-e AUTH=0` | `/auth` |
| `-e BUILD=0` | `/build` |
| `-e COMMIT=0` | `/commit` |
| `-e CONFIGS=0` | `/configs` |
| `-e CONTAINERS=0` | `/containers` |
| `-e DISTRIBUTION=0` | `/distribution` |
| `-e DISABLE_IPV6=0` | Set to `1` to prevent binding to the IPv6 interface for legacy systems that cannot support IPv6. |
| `-e EVENTS=1` | `/events` |
| `-e EXEC=0` | `/exec` & `/containers/{id}/exec` |
| `-e IMAGES=0` | `/images` |
| `-e INFO=0` | `/info` |
| `-e LOG_LEVEL=info` | Possible values are: debug, info, notice, warning, err, crit, alert and emerg. Defaults to info. |
| `-e NETWORKS=0` | `/networks` |
| `-e NODES=0` | `/nodes` |
| `-e PING=1` | `/_ping` |
| `-e PLUGINS=0` | `/plugins` |
| `-e POST=0` | When set to `0`, only `GET` and `HEAD` operations are allowed, making API access read-only. |
| `-e SECRETS=0` | `/secrets` |
| `-e SERVICES=0` | `/services` |
| `-e SESSION=0` | `/session` |
| `-e SWARM=0` | `/swarm` |
| `-e SYSTEM=0` | `/system` |
| `-e TASKS=0` | `/tasks` |
| `-e TZ=Etc/UTC` | `Set container timezone` |
| `-e VERSION=1` | `/version` |
| `-e VOLUMES=0` | `/volumes` |
| `-v /var/run/docker.sock:ro` | Mount the host docker socket into the container. |
| `--read-only` | Make the container filesystem read-only. |
| `--tmpfs /run` | Mount /run to tmpfs (RAM) to make it writeable. |
### Parameter Recommendations
If you need to run the docker socket proxy as a service, it's recommended to configure the following parameters for full functionality:
- `CONTAINERS=1` - Allow container operations
- `NETWORKS=1` - Allow network operations
- `EVENTS=1` - Enable event monitoring
- `PING=1` - Allow ping operations
- `POST=1` - Allow write operations (create, modify, delete)
This parameter combination provides complete Docker API access capabilities, suitable for most container management scenarios.

25
apps/docker-socket-proxy/data.yml Normal file
View File

@@ -0,0 +1,25 @@
name: Docker-Socket-Proxy
tags:
- 实用工具
- 开发工具
title: 通过代理控制 Docker 套接字
description:
en: Proxy over your Docker socket to restrict which requests it accepts
zh: 通过代理控制 Docker 套接字
additionalProperties:
key: docker-socket-proxy
name: Docker-Socket-Proxy
tags:
- Tool
- DevTool
shortDescZh: 通过代理控制 Docker 套接字
shortDescEn: Proxy over your Docker socket to restrict which requests it accepts
type: website
crossVersionUpdate: true
limit: 0
website: https://github.com/linuxserver/docker-socket-proxy
github: https://github.com/linuxserver/docker-socket-proxy
document: https://github.com/linuxserver/docker-socket-proxy
architectures:
- amd64
- arm64

330
apps/docker-socket-proxy/latest/data.yml Normal file
View File

@@ -0,0 +1,330 @@
additionalProperties:
formFields:
- default: "2375"
envKey: PANEL_APP_PORT_HTTP
required: true
type: number
labelEn: Port
labelZh: 端口
edit: true
rule: paramPort
- default: "0"
envKey: ALLOW_START
required: false
type: select
labelEn: ALLOW_START
labelZh: ALLOW_START允许启动
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: ALLOW_STOP
required: false
type: select
labelEn: ALLOW_STOP
labelZh: ALLOW_STOP允许停止
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: ALLOW_RESTARTS
required: false
type: select
labelEn: ALLOW_RESTARTS
labelZh: ALLOW_RESTARTS允许重启
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: AUTH
required: false
type: select
labelEn: AUTH
labelZh: AUTH认证
values:
- label: 0-关闭
value: "0"
- label: 1-开启
value: "1"
- default: "0"
envKey: BUILD
required: false
type: select
labelEn: BUILD
labelZh: BUILD构建
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: COMMIT
required: false
type: select
labelEn: COMMIT
labelZh: COMMIT提交
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: CONFIGS
required: false
type: select
labelEn: CONFIGS
labelZh: CONFIGS配置
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: CONTAINERS
required: false
type: select
labelEn: CONTAINERS
labelZh: CONTAINERS容器
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: DISABLE_IPV6
required: false
type: select
labelEn: DISABLE_IPV6
labelZh: DISABLE_IPV6禁用IPv6
values:
- label: 0-关闭
value: "0"
- label: 1-开启
value: "1"
- default: "0"
envKey: DISTRIBUTION
required: false
type: select
labelEn: DISTRIBUTION
labelZh: DISTRIBUTION镜像分发
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "1"
envKey: EVENTS
required: false
type: select
labelEn: EVENTS
labelZh: EVENTS事件
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: EXEC
required: false
type: select
labelEn: EXEC
labelZh: EXEC执行
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: IMAGES
required: false
type: select
labelEn: IMAGES
labelZh: IMAGES镜像
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: INFO
required: false
type: select
labelEn: INFO
labelZh: INFO信息
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "info"
envKey: LOG_LEVEL
required: false
type: select
labelEn: LOG_LEVEL
labelZh: LOG_LEVEL日志级别
values:
- label: debug-调试
value: "debug"
- label: info-信息
value: "info"
- label: notice-通知
value: "notice"
- label: warning-警告
value: "warning"
- label: err-错误
value: "err"
- label: crit-严重
value: "crit"
- label: alert-警报
value: "alert"
- label: emerg-紧急
value: "emerg"
- default: "0"
envKey: NETWORKS
required: false
type: select
labelEn: NETWORKS
labelZh: NETWORKS网络
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: NODES
required: false
type: select
labelEn: NODES
labelZh: NODES节点
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "1"
envKey: PING
required: false
type: select
labelEn: PING
labelZh: PING探针/PING
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: PLUGINS
required: false
type: select
labelEn: PLUGINS
labelZh: PLUGINS插件
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: POST
required: false
type: select
labelEn: POST
labelZh: POSTPOST请求
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: SECRETS
required: false
type: select
labelEn: SECRETS
labelZh: SECRETS机密/Secrets
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: SERVICES
required: false
type: select
labelEn: SERVICES
labelZh: SERVICES服务
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: SESSION
required: false
type: select
labelEn: SESSION
labelZh: SESSION会话
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: SWARM
required: false
type: select
labelEn: SWARM
labelZh: SWARMSwarm集群
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: SYSTEM
required: false
type: select
labelEn: SYSTEM
labelZh: SYSTEM系统
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: TASKS
required: false
type: select
labelEn: TASKS
labelZh: TASKS任务
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "1"
envKey: VERSION
required: false
type: select
labelEn: VERSION
labelZh: VERSION版本
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"
- default: "0"
envKey: VOLUMES
required: false
type: select
labelEn: VOLUMES
labelZh: VOLUMES
values:
- label: 0-禁止
value: "0"
- label: 1-允许
value: "1"

49
apps/docker-socket-proxy/latest/docker-compose.yml Normal file
View File

@@ -0,0 +1,49 @@
services:
socket-proxy:
image: ghcr.io/linuxserver/socket-proxy:latest
container_name: ${CONTAINER_NAME}
environment:
- ALLOW_START=${ALLOW_START}
- ALLOW_STOP=${ALLOW_STOP}
- ALLOW_RESTARTS=${ALLOW_RESTARTS}
- AUTH=${AUTH}
- BUILD=${BUILD}
- COMMIT=${COMMIT}
- CONFIGS=${CONFIGS}
- CONTAINERS=${CONTAINERS}
- DISABLE_IPV6=${DISABLE_IPV6}
- DISTRIBUTION=${DISTRIBUTION}
- EVENTS=${EVENTS}
- EXEC=${EXEC}
- IMAGES=${IMAGES}
- INFO=${INFO}
- LOG_LEVEL=${LOG_LEVEL}
- NETWORKS=${NETWORKS}
- NODES=${NODES}
- PING=${PING}
- PLUGINS=${PLUGINS}
- POST=${POST}
- SECRETS=${SECRETS}
- SERVICES=${SERVICES}
- SESSION=${SESSION}
- SWARM=${SWARM}
- SYSTEM=${SYSTEM}
- TASKS=${TASKS}
- TZ=Etc/UTC
- VERSION=${VERSION}
- VOLUMES=${VOLUMES}
ports:
- ${PANEL_APP_PORT_HTTP}:2375
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
restart: always
read_only: true
tmpfs:
- /run
networks:
- 1panel-network
labels:
createdBy: Apps
networks:
1panel-network:
external: true

BIN
apps/docker-socket-proxy/logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.6 KiB