A sleek, professional web interface for remote Docker host management.
Inspect and control containers, images, volumes, and networks directly from your browser.
Fully containerized, lightweight, and secure.
- π Real-time Container Management β List all containers with live state updates
- β‘ Container Controls β Start, stop, restart, and remove containers with one click
- π Live Log Streaming β Real-time container logs via WebSockets
- πΌοΈ Image Management β Browse images and spin up containers instantly
- πΎ Volume Inspector β View and delete Docker volumes
- π Network Configuration β Inspect networking details across your Docker host
- π¦ Fully Containerized β Deploy with Docker Compose in seconds
| Layer | Technology |
|---|---|
| Frontend | React, ShadCN UI, Tailwind CSS |
| Backend | Node.js, Express, Dockerode |
| Authentication | Clerk |
| Containerization | Docker + Docker Compose |
| Real-time Streaming | WebSockets |
βββββββββββββββ βββββββββββββββ βββββββββββββββ
β Browser β βββββββΊ β Backend β βββββββΊ β Docker Host β
β (React) β HTTP β (Express) β API β (Remote) β
βββββββββββββββ + WS βββββββββββββββ βββββββββββββββ
- Frontend communicates with the backend REST API
- Backend uses Dockerode to query the Docker host via Docker Remote API
- Logs are streamed live via WebSockets to the frontend
- Authentication is handled securely through Clerk
- The entire system is fully containerized for seamless deployment
- Docker & Docker Compose installed
- Docker Remote API access on target host
- Clerk account (for authentication)
β οΈ Security Warning: Only enable this on trusted machines. Exposing port 2375 without TLS is insecure and should only be used in development or behind a firewall.
- Create override configuration:
sudo mkdir -p /etc/systemd/system/docker.service.d
sudo nano /etc/systemd/system/docker.service.d/override.conf- Add the following configuration:
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375- Reload and restart Docker:
sudo systemctl daemon-reexec
sudo systemctl restart docker- Verify the connection:
docker -H tcp://<YOUR_HOST_IP>:2375 infoYou should see Docker info output from the remote host.
git clone https://github.com/Siddhartha-0709/Docker-Agent.git
cd Docker-AgentYou have two options to set the Docker host IP:
Option A: Environment Variable
Create or edit .env in the frontend directory:
VITE_HOST=YOUR_HOST_IPOption B: UI Modal
Use the configuration modal that appears on the frontend to set the host dynamically at runtime.
docker-compose up -dThis will:
- Spin up the frontend container (port 5173)
- Spin up the backend container
- Establish connection to your Docker host on port 2375
Note: Ensure your Docker host on port 2375 is accessible by the backend container.
Open your browser and navigate to:
http://localhost:5173
Log in via Clerk to access the full dashboard functionality.
- π Never expose port 2375 publicly β Always restrict access via firewall rules
- π Consider enabling TLS for secure remote API access (port 2376)
- π‘οΈ Use behind a VPN or internal network only
- π‘ WebSocket ports β Ensure internal ports are open if using firewalls
- π Authentication β Always keep Clerk credentials secure
# Generate certificates
openssl genrsa -aes256 -out ca-key.pem 4096
openssl req -new -x509 -days 365 -key ca-key.pem -sha256 -out ca.pem
# Configure Docker with TLS
dockerd --tlsverify \
--tlscacert=ca.pem \
--tlscert=server-cert.pem \
--tlskey=server-key.pem \
-H=0.0.0.0:2376
β οΈ Critical: This project requires Docker Remote API to be enabled on the target host.
- β Use behind a VPN or firewall
- β Enable TLS for Docker Remote API (port 2376)
- β Never expose port 2375 publicly without proper security
- β Implement authentication via Clerk or similar service
- β Regularly update dependencies and Docker images
- β Use network policies to restrict container communication
- β Monitor logs for suspicious activity
# Restrict Docker API to specific IP ranges (iptables example)
sudo iptables -A INPUT -p tcp --dport 2375 -s 192.168.1.0/24 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 2375 -j DROP- Container resource metrics (CPU / Memory / Disk usage)
- Exec terminal access via browser
- Multi-host management dashboard
- Container health monitoring & alerts
- Docker Compose file management
- Image build & push capabilities
- Role-based access control (RBAC)
- TLS configuration wizard
- Audit logging
# Check if Docker API is listening
sudo netstat -tlnp | grep 2375
# Test connection
curl http://<YOUR_HOST_IP>:2375/version# Add user to docker group
sudo usermod -aG docker $USER
newgrp docker- Ensure no firewall is blocking WebSocket connections
- Check browser console for specific error messages
- Verify backend container can reach Docker host
Contributions are welcome! Please follow these guidelines:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
Please maintain consistent code style and document new features clearly.
This project is licensed under the MIT License - see the LICENSE file for details.
Siddhartha - GitHub Profile
Project Link: https://github.com/Siddhartha-0709/Docker-Agent
β Star this repo if you find it useful! β
Made with β€οΈ for the Docker community