Skip to content

Added expanding environment variables for allow* methods#48

Open
AlexSat wants to merge 1 commit into
wollomatic:49-fr-added-expanding-environment-variables-for-allow-methodsfrom
AlexSat:main
Open

Added expanding environment variables for allow* methods#48
AlexSat wants to merge 1 commit into
wollomatic:49-fr-added-expanding-environment-variables-for-allow-methodsfrom
AlexSat:main

Conversation

@AlexSat

@AlexSat AlexSat commented Apr 2, 2025
edited
Loading

Copy link
Copy Markdown

Allow to place environment variable into allow* variables content for future expanding when starting to grant permissions for target container only.

Use case(for docker ocmpose): set environments
SP_ALLOW_POST=/v1\.\d{1,2}/(exec|containers)/$$CONTAINER_NAME/(start|stop|exec)
CONTAINER_NAME=xxx

More complex example:

#cat exts.yaml
services:
  docker-proxy:
    image: wollomatic/socket-proxy:1
    restart: unless-stopped
    read_only: true
    mem_limit: 64M
    hostname: docker_proxy
    security_opt:
      - no-new-privileges
    user: 65534:${DOCKER_GROUP_ID}
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    environment:
      - SP_LISTENIP=0.0.0.0
      - SP_LOGLEVEL=INFO
      - SP_PROXYPORT=${DOCKER_PROXY_PORT}
    networks:
      - docker_proxy_net
  docker-proxy-start-stop:
    extends: docker-proxy
    environment:
      - SP_ALLOW_POST=/v1\.\d{1,2}/containers/$$TARGET_CONTAINER/(start|stop)
  docker-proxy-start-stop-exec:
    extends: docker-proxy
    environment:
      - SP_ALLOW_POST=/v1\.\d{1,2}/(exec|containers)/$$TARGET_CONTAINER/(start|stop|exec)
      - SP_ALLOW_GET=/v1\.\d{1,2}/(exec|containers)/.*?/(json)

#cat compose.yml
services:
  ...
  docker_socket:
    extends:
      file: exts.yml
      service: docker-proxy-start-stop
    environment:
      - SP_ALLOWFROM=my_app_backup
      - TARGET_CONTAINER=my_app

@AlexSat

AlexSat commented Apr 2, 2025
edited
Loading

Copy link
Copy Markdown
Author

@wollomatic Hello! What do you think about it?

UPD: Sorry, misstag... removed @justsomescripts @ildyria

@wollomatic wollomatic mentioned this pull request Apr 2, 2025
Open
@wollomatic wollomatic changed the base branch from main to 49-fr-added-expanding-environment-variables-for-allow-methods April 2, 2025 17:21
@wollomatic wollomatic self-assigned this Apr 2, 2025
@wollomatic

wollomatic commented Apr 2, 2025

Copy link
Copy Markdown
Owner

Hi @AlexSat,

thank you very much for your contribution. I'll think about it in the next few days and get back to you soon.

Best regards,
Wolfgang

@AlexSat

AlexSat commented Apr 22, 2025

Copy link
Copy Markdown
Author

Hi @wollomatic,

have you some time to check PR, please?

Best regards,
Alexander

@wollomatic wollomatic deleted the branch wollomatic:49-fr-added-expanding-environment-variables-for-allow-methods September 30, 2025 17:24
@wollomatic wollomatic closed this Sep 30, 2025
@wollomatic wollomatic reopened this Sep 30, 2025
@wollomatic wollomatic deleted the branch wollomatic:49-fr-added-expanding-environment-variables-for-allow-methods February 21, 2026 14:16
@wollomatic wollomatic closed this Feb 21, 2026
@wollomatic wollomatic reopened this Feb 21, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@wollomatic wollomatic

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@AlexSat @wollomatic