.svg){kind=icon}
Boot and upgrade via container images.
Transactional, in-place operating system updates using OCI/Docker container images. bootc is the key component in a broader mission of bootable containers.
The original Docker container model of using "layers" to model applications has been extremely successful. This project aims to apply the same technique for bootable host systems - using standard OCI/Docker containers as a transport and delivery format for base operating system updates.
A curated list of Docker Compose samples.
These samples provide a starting point for how to integrate different services using a Compose file and to manage their deployment with Docker Compose.
Internal Tools Deployment Platform. Webapp Management for Internal Tools.
Platform for securely developing and deploying web tools across a team.
Application server for containerized webapps. Create and share webapps for CLI applications.
Clace combines the functionality of a reverse proxy, a hypermedia based micro-framework and a container orchestrator (using Docker or Podman) in a single lightweight binary. After starting the Clace server and ensuring Docker or Podman is running, new apps can be installed in one command from GitHub source repo. Clace builds the image and starts the container lazily, on the first API call. Clace can also automatically build simple form based UI for backend APIs.
WUD (aka What's up Docker?) gets you notified when a new version of your Docker Container is available.
Gets you notified when new versions of your Docker containers are available and lets you react the way you want.
The Registry is a stateless, highly scalable server side application that stores and lets you distribute container images and other content.
This repository's main product is the Open Source Registry implementation for storing and distributing container images and other content using the OCI Distribution Specification. The goal of this project is to provide a simple, secure, and scalable base for building a large scale registry solution or running a simple private registry. It is a core library for many registry operators including Docker Hub, GitHub Container Registry, GitLab Container Registry and DigitalOcean Container Registry, as well as the CNCF Harbor Project, and VMware Harbor Registry.
Lightweight swiss-knife-like VPN client to multiple VPN service providers.
VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
nginx-proxy sets up a container running nginx and docker-gen. docker-gen generates reverse proxy configs for nginx and reloads nginx when containers are started and stopped.
CLI tool to automate docker image updates. Selective, notifications, autoprune, no pre-pulling.
A Terraform provider for managing Docker services.
Manage Docker-hosted resources (such as repositories, teams, organization settings, and more) using Terraform.
Code signing and transparency for containers and binaries.
Signing OCI containers (and other artifacts) using Sigstore!
Cosign aims to make signatures invisible infrastructure.
WebRTC/RTSP/RTMP/LL-HLS bridge for Wyze cams in a docker container.
Your entire server infrastructure at your fingertips. Manage all your servers from your local desktop. No remote setup required.
XPipe is a new type of shell connection hub and remote file manager that allows you to access your entire server infrastructure from your local machine. It works on top of your installed command-line programs and does not require any setup on your remote systems. So if you normally use CLI tools like ssh, docker, kubectl, etc. to connect to your servers, you can just use XPipe on top of that.
Docker is one of the most popular services to run containerized applications and it utilizes containerd and runc at a low level. This became popular because of its ease of use and intuitive experience. There are some misconfigurations that are left in the setup that can easily be exploited and few of them even let you break out of the containerized environment.
In this series, I will be explaining to you the basic concepts of the docker internals and how you can exploit certain misconfigurations to gain root user access or breakout of the containerization via both remote and local exploits. Also later in this course, you will learn how to secure your existing docker environment by following best practices from the experts.
Dagu is a powerful Cron alternative that comes with a Web UI. It allows you to define dependencies between commands as a Directed Acyclic Graph (DAG) in a declarative Writing DAGs. Additionally, Dagu natively supports running Docker containers, making HTTP requests, and executing commands over SSH. Dagu was designed to be easy to use, self-contained, and require no coding, making it ideal for small projects.
This script simplifies the deployment and management of Docker containers by automating tasks such as container creation, configuration, and deployment.
The Container Structure Tests provide a powerful framework to validate the structure of a container image. These tests can be used to check the output of commands in an image, as well as verify metadata and contents of the filesystem.
Docking station is a webapp for managing and updating your docker containers. It is built using Nextjs and FastAPI.
Repack docker images to optimize for pulling speed.
This tool repacks a Docker image into a smaller, more efficient version that makes it significantly faster to pull. It does this by using a few different techniques such as removing redundant data and improving compression ratios.
Convert your Docker Compose file to Kubernetes or OpenShift.
Kompose is a conversion tool for Docker Compose to container orchestrators such as Kubernetes (or OpenShift).
A fully automated HTTPS server powered by Nginx, Let's Encrypt and Docker.
HTTPS-PORTAL is a fully automated HTTPS server powered by Nginx, Let's Encrypt and Docker. By using it, you can run any existing web application over HTTPS, with only one extra line of configuration.