Replies: 2 comments
-
If you encounter any issues, refer to #77 for more info.

TL;DR: Use the following setup with a socket proxy:

```yaml
services:
  dockman:
    container_name: dockman
    image: ghcr.io/ra341/dockman:latest
    security_opt:
      - no-new-privileges:true
    cap_drop:
      - ALL
    read_only: true
    tmpfs: ["/tmp"]
    healthcheck:
      test: wget --no-verbose --tries=1 --spider http://localhost:8866/ || exit 1
      interval: 5s
      timeout: 5s
      retries: 3
    env_file: ['../.env']
    environment:
      - DOCKMAN_COMPOSE_ROOT=/server/stacks
      - DOCKMAN_MACHINE_ADDR=${HOST_IP}
      # Reach the Docker API through the proxy service instead of mounting the socket
      - DOCKER_HOST=tcp://dockmanProxy:2375
    volumes:
      - ${DATA_PATH}/dockman/config:/config
      - /server/stacks:/server/stacks
    ports:
      - 8866:8866
    restart: always
    pull_policy: always
    labels:
      - com.centurylinklabs.watchtower.enable=true

  dockmanProxy:
    image: lscr.io/linuxserver/socket-proxy:latest
    container_name: dockmanProxy
    healthcheck:
      test: wget --spider http://localhost:2375/version || exit 1
      interval: 5s
      timeout: 2s
      retries: 3
    env_file: ['../.env']
    environment:
      LOG_LEVEL: info # debug,info,notice,warning,err,crit,alert,emerg
      # Base
      PING: 1
      VERSION: 1
      INFO: 1
      EVENTS: 1
      # Resources required by Portainer
      CONTAINERS: 1
      IMAGES: 1
      NETWORKS: 1
      VOLUMES: 1
      EXEC: 1
      # Write operations (create, start/stop, pull, prune…)
      POST: 1
      SYSTEM: 1
      # Fine-grained LSIO controls for container lifecycle
      ALLOW_START: 1
      ALLOW_STOP: 1
      ALLOW_RESTARTS: 1
      # Disabled by default (enable only if you need them)
      AUTH: 0
      BUILD: 0 # set to 1 if you want to build images via Portainer
      COMMIT: 0 # set to 1 if you commit containers to images
      CONFIGS: 0
      DISTRIBUTION: 0
      NODES: 0
      PLUGINS: 0
      SERVICES: 0
      SESSION: 0
      SWARM: 0
      TASKS: 0
      SECRETS: 0
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    tmpfs:
      - /run:rw,uid=${SUID},gid=${GUID},mode=0755
      - /tmp:rw,mode=1777
      - /var/lib/haproxy:rw,uid=${SUID},gid=${GUID},mode=0755
    security_opt:
      - no-new-privileges:true
    read_only: true
    cap_drop:
      - ALL
    user: ${SUID}:${GUID}
    group_add:
      - 990 # supplementary group for docker.sock access; the GID is host-specific
    expose:
      - 2375
    restart: unless-stopped
    labels:
      com.centurylinklabs.watchtower.enable: true
```
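An added example, not part of the original reply or of either project's code: a simplified Python model of how a flag-based socket proxy decides whether to forward a Docker API request, evaluated against the flag values posted above and against the same flags with `POST` turned off. The matching rules (first path segment selects the section, `POST` gates non-GET methods, `ALLOW_*` exempts lifecycle calls) are assumptions drawn from the flags' names and comments; the proxy's own HAProxy rules are authoritative.

```python
import re

# Section flags copied from the compose file above (1 = enabled).
PAGE_FLAGS = {
    "PING": 1, "VERSION": 1, "INFO": 1, "EVENTS": 1,
    "CONTAINERS": 1, "IMAGES": 1, "NETWORKS": 1, "VOLUMES": 1, "EXEC": 1,
    "POST": 1, "SYSTEM": 1,
    "ALLOW_START": 1, "ALLOW_STOP": 1, "ALLOW_RESTARTS": 1,
    "AUTH": 0, "BUILD": 0, "COMMIT": 0, "CONFIGS": 0, "DISTRIBUTION": 0,
    "NODES": 0, "PLUGINS": 0, "SERVICES": 0, "SESSION": 0, "SWARM": 0,
    "TASKS": 0, "SECRETS": 0,
}
# These flags gate methods or lifecycle calls; they are not API sections.
NON_SECTION = {"POST", "ALLOW_START", "ALLOW_STOP", "ALLOW_RESTARTS"}
# Assumption: lifecycle calls covered by an ALLOW_* flag pass even with POST=0.
LIFECYCLE = {"ALLOW_START": ("start",), "ALLOW_STOP": ("stop",),
             "ALLOW_RESTARTS": ("stop", "restart", "kill")}
VERSION_PREFIX = re.compile(r"^/v[\d.]+(?=/)")  # e.g. /v1.43/containers/json


def allowed(method, path, flags):
    """Return True if the simplified model would forward this request."""
    path = VERSION_PREFIX.sub("", path.split("?", 1)[0])
    action = re.fullmatch(r"/containers/[\w.-]+/(\w+)", path)
    if method == "POST" and action:
        for flag, verbs in LIFECYCLE.items():
            if flags.get(flag) and action.group(1) in verbs:
                return True
    if method not in ("GET", "HEAD") and not flags.get("POST"):
        return False  # read-only proxy: every other write is refused
    section = path.strip("/").split("/")[0].lstrip("_").upper()
    return section not in NON_SECTION and bool(flags.get(section))


if __name__ == "__main__":
    # Constructed sample requests, not captured traffic.
    samples = [("GET", "/v1.43/containers/json?all=1"), ("POST", "/containers/create"),
               ("POST", "/containers/web/exec"), ("POST", "/containers/web/restart"),
               ("POST", "/build"), ("GET", "/secrets")]
    read_only = dict(PAGE_FLAGS, POST=0)  # same flags with writes switched off
    for method, path in samples:
        print(f"{method:4} {path:32} posted={allowed(method, path, PAGE_FLAGS)!s:5} "
              f"POST=0={allowed(method, path, read_only)}")
```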
-
Great! I will try it out, thank you.
-
Let me start with some appreciation: I love this app. It came at exactly the right time; with dockge being abandoned, I was looking for an alternative, and this one is much more than what dockge was, so thank you for that!
Currently, Dockman seems to only connect to the local /var/run/docker.sock, as I checked the docs and couldn't find anything that says otherwise.
For security reasons, it would be great if Dockman could optionally connect via a proxy socket API with TCP or any other solution.