mirror of
https://github.com/dokku/dokku.git
synced 2026-05-18 05:05:46 +02:00
a70728f61e
Add defense-in-depth sanitization for OpenResty include files to prevent OS command injection via malicious filenames that break shell quoting in eval. - Add filename validation in core-post-extract using regex [^a-zA-Z0-9_.-] - Validate both http-includes and location-includes paths - Abort deploy via dokku_log_fail on unsafe filenames - Skip non-regular files (symlinks, directories) during extraction - Add security regression test with unsafe filename containing space - Keep existing guards in docker-args-process-deploy as belt-and-suspenders - Update documentation to clarify allowed filename characters Addresses CVSS 9.9 vulnerability where filenames like poc'$(cmd)'x.conf could escape shell quoting and execute arbitrary commands during deploy.
Dokku Documentation
This documentation covers the installation, configuration, and usage of Dokku - a Docker-powered PaaS that provides a Heroku-like experience.
Getting Started
- Installation - Install Dokku on your server
- Advanced Installation - Custom installation options
- Upgrading - Upgrade to newer Dokku versions
- Uninstalling - Remove Dokku from your server
- Troubleshooting - Common issues and solutions
- Where to Get Help - Support resources
Deployment
- Application Deployment - Deploy your first app
- Application Management - Manage deployed applications
- Logs - View application logs
- Remote Commands - Run commands remotely
- User Management - Manage SSH access
- Zero Downtime Deploys - Deploy without interruption
Deployment Methods
Builders
- Builder Management - Configure build systems
- Buildpack Management - Manage buildpack settings
- Herokuish Buildpacks - Heroku-compatible buildpacks
- Cloud Native Buildpacks - CNB support
- Dockerfiles - Build from Dockerfile
- Nixpacks - Nixpacks builder
- Railpack - Railpack builder
- Lambda - Lambda-style functions
- Null Builder - Skip the build phase
Schedulers
- Scheduler Management - Configure schedulers
- Docker Local - Default Docker scheduler
- K3s - Lightweight Kubernetes
- Kubernetes - External Kubernetes clusters
- Nomad - HashiCorp Nomad
- Null Scheduler - Skip scheduling
Continuous Integration
- Generic CI - General CI/CD setup
- GitHub Actions
- GitLab CI
- Woodpecker CI
Configuration
- Environment Variables - Configure app environment
- Domains - Custom domain management
- SSL/TLS - HTTPS and certificates
Networking
- Proxy Management - Reverse proxy configuration
- Port Management - Port mapping and exposure
- DNS - DNS configuration
- Network - Docker network management
Proxies
Processes
- Process Management - Scale and manage processes
- Scheduled Cron Tasks - Scheduled jobs
- One-off Tasks - Run one-time commands
- Entering Containers - Access running containers
Advanced Usage
- Persistent Storage - Mount volumes
- Docker Options - Custom Docker run arguments
- Resource Management - CPU and memory limits
- Plugin Management - Install and manage plugins
- Registry Management - Docker registry integration
- Repository Management - Git repository settings
- Build Tracking - Inspect, cancel, and manage builds
- Deployment Tasks - Pre/post deploy hooks
- Event Logs - Dokku event history
- Backup and Recovery - Data backup strategies
Development
- Architecture - Internal architecture overview for contributors
- Plugin Creation - Build custom plugins
- Plugin Triggers - Available plugin hooks
- Testing - Test Dokku and plugins
- Release Process - How Dokku releases work
Community
Enterprise
- Dokku Pro - Commercial features and support
Appendices
Migration Guides
- 0.38.0
- 0.37.0
- 0.36.0
- 0.35.0
- 0.34.0
- 0.33.0
- 0.32.0
- 0.31.0
- 0.30.0
- 0.29.0
- 0.28.0
- 0.27.0
- 0.26.0
- 0.25.0
- 0.24.0
- 0.23.0
- 0.22.0
- 0.21.0
- 0.20.0
- 0.10.0
- 0.9.0
- 0.8.0
- 0.7.0
- 0.6.0
- 0.5.0
File Formats
- app.json - Application configuration
- Procfile - Process definitions
- Dockerfile - Docker build instructions
- .buildpacks - Buildpack configuration
- project.toml - CNB configuration
- nixpacks.toml - Nixpacks configuration
- railpack.json - Railpack configuration
- lambda.yml - Lambda configuration
- nginx.conf.sigil - Nginx template customization