Skip to content

InkedCat/PodmanSocketProxy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
.cargo
.cargo
 
 
config-examples
config-examples
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
ContainerFile
ContainerFile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
config.toml
config.toml
 
 

Repository files navigation

Podman Socket Proxy

Introduction

Podman Socket Proxy is designed to conceal sensitive APIs of the Podman engine from various services. This application allows proxying via TCP or Unix socket.

Installation

Docker

A container file is provided for easy deployment. To build and run the container, use the following commands:

podman build -t podman-socket-proxy .
podman run -d -p <host-port>:8787 podman-socket-proxy

It will proxy via TCP by default for ease of use inside container clusters.

Bare Metal

Installation

To build the project, ensure you have Rust installed and then run:

cargo build --release

Usage

podman-socket-proxy [OPTIONS] <COMMAND>

Commands:

  • unix Start the proxy as a Unix Socket
  • inet Start the proxy as a TCP Socket
  • help Print this message or the help of the given subcommand(s)

Options:

  • -p, --podman-path <PODMAN_PATH> The full path to the Podman socket [default: /run/podman/podman.sock]
  • -c, --config-path <CONFIG_PATH> The path to the TOML configuration file [default: ./config.toml]

Unix Usage

podman-socket-proxy unix [OPTIONS]
Options:
  • -s, --socket-path <SOCKET_PATH> The full path of the protected socket [default: /var/run/safe-podman.sock]
  • -r, --replace Replace the socket file if it already exists

TCP Usage

podman-socket-proxy inet [OPTIONS]
Options:
  • -i, --ip <IP> The IP address the protected socket will listen on [default: 0.0.0.0]
  • -p, --port <PORT> The port the protected socket will listen on [default: 8787]

Partial Docker Compatibility

While primarily designed for Podman, this proxy offers great compatibility with Docker. Although minimal support will be provided for Docker-related configurations.

Dependencies

Podman Socket Proxy relies on several crates to function:

  • anyhow = "1.0.93"
  • clap = "4.5.21"
  • clap_complete = "4.5.44"
  • env_logger = "0.11.6"
  • httparse = "1.9.5"
  • lazy_static = "1.5.0"
  • log = "0.4.25"
  • regex = "1.11.1"
  • serde = "1.0.215"
  • thiserror = "2.0.3"
  • tokio = "1.41.1"
  • toml = "0.8.19"

Troubleshooting

If you encounter issues, check the following:

  • Ensure that the Podman engine is running.
  • Verify that the correct ports and socket paths are specified.
  • Check the config file for syntax/regex errors.

Contributing

Contributions are welcome! Please submit pull requests or open issues for any bugs or feature requests.

License

This project is licensed under the GNU General Public License v3.0

About

🔌🛡️Allow access to the Podman Engine API without worry!

Topics

docker rust security deployment proxy podman

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages