Hello, I recently ran into an issue when trying to allow watchtower to pull images through this proxy while keeping the other APIs read-only and thought I'd share my solution. This PR introduces a new access check that can grant read/write permissions to any section of the Docker API.
Now, read/write access is managed using XXXXX_READ and XXXXX_WRITE environment variables, where XXXXX represents the Docker API section. For instance, setting CONTAINERS_READ=1 allows GET/HEAD requests to the containers endpoint.
To keep everything backwards compatible, original variable names may still be used to grant read-only access. The POST variable will grant write access to all readable APIs, preserving the functionality of the original code.
If you're interested in merging this, but have some questions or feedback just let me know.
Hello, I recently ran into an issue when trying to allow watchtower to pull images through this proxy while keeping the other APIs read-only and thought I'd share my solution. This PR introduces a new access check that can grant read/write permissions to any section of the Docker API.
Now, read/write access is managed using XXXXX_READ and XXXXX_WRITE environment variables, where XXXXX represents the Docker API section. For instance, setting CONTAINERS_READ=1 allows GET/HEAD requests to the containers endpoint.
To keep everything backwards compatible, original variable names may still be used to grant read-only access. The POST variable will grant write access to all readable APIs, preserving the functionality of the original code.
If you're interested in merging this, but have some questions or feedback just let me know.