Docker Socket Proxy

The recommended way to setup AppAPI Deploy daemon is to use our Docker Socket Proxy implementation.

Nextcloud AppAPI DSP

Nextcloud AppAPI DSP (Docker Socket Proxy) - is a simple Docker container that provides a secure way to access the Docker Engine API and ExApps. It is secured with haproxy Basic authentication. There are two parts of reverse proxy configuration:

Note

For remote Docker Socket Proxy setup, it should expose the ports on the host.

Nextcloud AIO

Nextcloud AIO implements Docker Socket Proxy container which automatically setting up, you just need to tick the checkbox in AIO configuration interface to enable it. AppAPI automatically creates the default Deploy daemon configuration in Nextcloud AIO.

See Nextcloud in Docker AIO (all-in-one) for more details.

Note

Nextcloud AIO is not limited to its default Deploy daemon. You can setup any other Deploy daemon (local or remote) to use it in AppAPI.

Other implementations

Our implementation is inspired by Tecnativa Docker Socket Proxy, by default, it restricts access to the required by AppAPI Docker Engine APIs. In this case, you will have to enable these APIs via the environment variables:

  • IMAGES=1

  • CONTAINER=1

  • POST=1

Note

For local Deploy daemon setup other implementations of Docker Socket Proxy may be enough. But for remote Deploy daemon setup, we recommend using our DSP, as we allow only the Docker Engine APIs we actually use in AppAPI, and it is additionally secured with haproxy authentication.