Docker Socket Proxy
The recommended way to setup the AppAPI Deploy daemon is to use our Docker Socket Proxy implementation.
Nextcloud AppAPI DSP
Nextcloud AppAPI DSP (Docker Socket Proxy) is a simple Docker container that provides a secure way to access the Docker Engine API and ExApps. It is secured with haproxy Basic authentication. There are two parts of reverse proxy configuration:
HaProxy config for Docker Engine API
HaProxy config for ExApps
Note
For remote Docker Socket Proxy setup, it should expose the ports on the host.
Nextcloud AIO
Nextcloud AIO implements its own Docker Socket Proxy container; you just need to tick the checkbox in the AIO configuration interface to enable it. AppAPI automatically creates the default Deploy daemon configuration for Nextcloud AIO.
See Nextcloud in Docker AIO (all-in-one) for more details.
Note
Nextcloud AIO is not limited to its default Deploy daemon. You can setup any other Deploy daemon (local or remote) for use in AppAPI.
Other implementations
Our implementation is inspired by Tecnativa Docker Socket Proxy. By default, it restricts access to the required by AppAPI Docker Engine APIs. In this case, you will have to enable these APIs via the environment variables:
IMAGES=1CONTAINER=1POST=1
Note
For local Deploy daemon setup, other implementations of Docker Socket Proxy may be enough. But for remote Deploy daemon setup, we recommend using our DSP, as we allow only the Docker Engine APIs we actually use in AppAPI, and it is additionally secured with haproxy authentication.