Theo Technicguy 6be001e530 | ||
---|---|---|
.ssh | ||
LICENSE | ||
README.md | ||
docker@.service |
README.md
NAJA2 Docker Socket Forwarding
I wanted to federate my two docker hosts so I can manage them from one interface (portainer, watchtower...), but without exposing the HTTP socket.
This project creates the infrastructure to forward a socket from a host locally.
Requirements
On the local machine (the one wanding to access the remote socket)
- (A service account)
- A folder
socks
in/etc/docker
sudo mkdir /etc/docker
On the remote machine
- Docker (duh)
- A normal user account (it needs to be able to accept SSH connections)
- Permission to access the docker socket
Usage
On the local machine
- Copy and paste and fill
.ssh/config
with the host and the hostname. - Set up the remote machine's host key in
.ssh/known_hosts
- Generate an identity file with
ssh-keygen
ssh-keygen -b 256 -C "docker@$(hostname)" -f ~/.ssh/id_ecdsa -t ecdsa
- Create a (sym)link to the
docker@.service
to/lib/systemd/system/
and reload systemdsudo ln -s docker@.service /lib/systemd/system/ sudo systemctl daemon-reload
On the remote machine
- Copy and paste
.ssh/authorized_keys
, then fill with the public part of the key.
On the local machine
- Start the service