KNEL/TSYSDevStack-SupportStack-LocalWorkstation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(demo): route Dockhand through socket proxy, add resource limits

Browse Source 
- Route Dockhand Docker access through docker-socket-proxy via
  DOCKER_HOST=tcp://docker-socket-proxy:2375 instead of direct
  socket mount, enforcing the security model documented in AGENTS.md
- Add POST, DELETE, ALLOW_START, ALLOW_STOP, ALLOW_RESTARTS
  permissions to socket proxy for Dockhand container management
- Add deploy.resources.limits.memory to all 16 services
  (128M-1024M depending on service needs)
- Add MailHog SMTP port 4019 mapping (1025 internal) so applications
  can actually send test emails to MailHog
- Remove stale config/portainer/ directory

💘 Generated with Crush

Assisted-by: GLM-5.1 via Crush <crush@charm.land>
This commit is contained in:
reachableceo
2026-05-01 09:41:08 -05:00
parent 904fc6d727
commit 265d146bd3
2 changed files with 79 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
demo/demo.env.template
View File

@@ -24,6 +24,7 @@ ARCHIVEBOX_PORT=4013
TUBE_ARCHIVIST_PORT=4014
WAKAPI_PORT=4015
MAILHOG_PORT=4017
MAILHOG_SMTP_PORT=4019
ATUIN_PORT=4018
# Network Configuration