Files
nas-tools/dashboard/backend/routers/docker_router.py
T
Gan, Jimmy c7a0a53fe8
Deploy Dashboard / deploy (push) Successful in 3m37s
security: harden dashboard (SSH keys, auth, uploads, CORS, non-root)
Remove SSH private keys from git, add SECRET_KEY validation, move WS
auth from query string to first message, add session limits/idle timeout,
PBKDF2 Fernet key, refresh token rotation, TOTP replay protection,
file upload size limit + filename sanitization, symlink safety check,
restrict CORS methods, IP-gate OpenClaw token, run container as non-root,
rate-limit refresh/passkey endpoints, sanitize Gitea path params.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-02-26 17:22:25 +08:00

37 lines
1.1 KiB
Python

import docker
from fastapi import APIRouter, Query
from config import DOCKER_HOST
router = APIRouter()
client = docker.DockerClient(base_url=DOCKER_HOST)
@router.get("/containers")
def list_containers():
return [
{
"id": c.short_id,
"name": c.name,
"status": c.status,
"health": (c.attrs.get("State", {}).get("Health", {}) or {}).get("Status", ""),
"image": c.image.tags[0] if c.image.tags else str(c.image.id)[:20],
"ports": c.ports,
}
for c in client.containers.list(all=True)
]
@router.post("/containers/{container_id}/{action}")
def container_action(container_id: str, action: str):
if action not in ("start", "stop", "restart"):
return {"error": "invalid action"}
c = client.containers.get(container_id)
getattr(c, action)()
return {"ok": True}
@router.get("/containers/{container_id}/logs")
def container_logs(container_id: str, tail: int = Query(200, le=10000)):
c = client.containers.get(container_id)
return {"logs": c.logs(tail=tail, timestamps=True).decode(errors="replace")}