akanealw
eec8c28fb3
Some checks are pending
Go Benchmark / Performance Regression Check (push) Waiting to run
Cerberus Integration / Cerberus Security Stack Integration (push) Waiting to run
Upload Coverage to Codecov / Backend Codecov Upload (push) Waiting to run
Upload Coverage to Codecov / Frontend Codecov Upload (push) Waiting to run
CodeQL - Analyze / CodeQL analysis (go) (push) Waiting to run
CodeQL - Analyze / CodeQL analysis (javascript-typescript) (push) Waiting to run
CrowdSec Integration / CrowdSec Bouncer Integration (push) Waiting to run
Docker Build, Publish & Test / build-and-push (push) Waiting to run
Docker Build, Publish & Test / Security Scan PR Image (push) Blocked by required conditions
Quality Checks / Auth Route Protection Contract (push) Waiting to run
Quality Checks / Codecov Trigger/Comment Parity Guard (push) Waiting to run
Quality Checks / Backend (Go) (push) Waiting to run
Quality Checks / Frontend (React) (push) Waiting to run
Rate Limit integration / Rate Limiting Integration (push) Waiting to run
Security Scan (PR) / Trivy Binary Scan (push) Waiting to run
Supply Chain Verification (PR) / Verify Supply Chain (push) Waiting to run
WAF integration / Coraza WAF Integration (push) Waiting to run
4.3 KiB
Executable File
4.3 KiB
Executable File
title, description, category
| title | description | category |
|---|---|---|
| Docker Auto-Discovery | Automatically find and proxy Docker containers with one click | integration |
Docker Auto-Discovery
Already running apps in Docker? Charon automatically finds your containers and offers one-click proxy setup. Supports both local Docker installations and remote Docker servers.
Overview
Docker auto-discovery eliminates manual IP address hunting and port memorization. Charon queries the Docker API to list running containers, extracts their network information, and lets you create proxy configurations with a single click.
How It Works
- Charon connects to Docker via socket or TCP
- Queries running containers and their exposed ports
- Displays container list with network details
- You select a container and assign a domain
- Charon creates the proxy configuration automatically
Why Use This
Eliminate IP Address Hunting
- No more running
docker inspectto find container IPs - No more updating configs when containers restart with new IPs
- Container name resolution handles dynamic addressing
Accelerate Development
- Spin up a new service, proxy it in seconds
- Test different versions by proxying multiple containers
- Remove proxies as easily as you create them
Simplify Team Workflows
- Developers create their own proxy entries
- No central config file bottlenecks
- Self-service infrastructure access
Configuration
Docker Socket Mounting
For Charon to discover containers, it needs Docker API access.
Docker Compose:
services:
charon:
image: charon:latest
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
Docker Run:
docker run -v /var/run/docker.sock:/var/run/docker.sock:ro charon
Security Note: The socket grants significant access. Use read-only mode (
:ro) and consider Docker socket proxies for production.
Remote Docker Server Support
Connect to Docker hosts over TCP:
- Go to Settings → Docker
- Click Add Remote Host
- Enter connection details:
- Name: Friendly identifier
- Host: IP or hostname
- Port: Docker API port (default: 2375/2376)
- TLS: Enable for secure connections
- Upload TLS certificates if required
- Click Test Connection, then Save
Container Selection Workflow
Viewing Available Containers
- Navigate to Hosts → Add Host
- Click Select from Docker
- Choose Docker host (local or remote)
- Browse running containers
Container List Display
Each container shows:
- Name: Container name
- Image: Source image and tag
- Ports: Exposed ports and mappings
- Networks: Connected Docker networks
- Status: Running, paused, etc.
Creating a Proxy
- Click a container row to select it
- If multiple ports are exposed, choose the target port
- Enter the domain name for this proxy
- Configure SSL options
- Click Create Host
Automatic Updates
When containers restart:
- Charon continues proxying to the container name
- Docker's internal DNS resolves the new IP
- No manual intervention required
Advanced Configuration
Network Selection
If a container is on multiple networks, specify which network Charon should use for routing:
- Edit the host after creation
- Go to Advanced → Docker
- Select the preferred network
Port Override
Override the auto-detected port:
- Edit the host
- Change the backend URL port manually
- Useful for containers with non-standard port configurations
Troubleshooting
| Issue | Cause | Solution |
|---|---|---|
| No containers shown | Socket not mounted | Add Docker socket volume |
| Connection refused | Remote Docker not configured | Enable TCP API on Docker host |
| Container not proxied | Container not running | Start the container |
| Wrong IP resolved | Multi-network container | Specify network in advanced settings |
Security Considerations
- Socket Access: Docker socket provides root-equivalent access. Mount read-only.
- Remote Connections: Always use TLS for remote Docker hosts.
- Network Isolation: Use Docker networks to segment container communication.
Related
- Web UI - Point & click management
- SSL Certificates - Automatic HTTPS for proxied containers
- Back to Features