this post was submitted on 02 Jun 2026
26 points (81.0% liked)

Selfhosted

59897 readers
710 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam.

  3. Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.

  4. Don't duplicate the full text of your blog or git here. Just post the link for folks to click.

  5. Submission headline should match the article title.

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world
26
ExposeMap: a small CLI to map what a Docker Compose file appears to expose (lemmy.world)
submitted 1 week ago by kaibuild@lemmy.world to c/selfhosted@lemmy.world
4 comments fedilink hide all child comments
 

I wanted a quick local way to review my own Docker Compose stacks before assuming a service was private, behind a reverse proxy, or only bound to localhost.

ExposeMap is a small open-source CLI that reads a docker-compose.yml file and reports exposure hints: internal, localhost-only, directly exposed from Compose config, reverse-proxy exposed, or unknown.

It generates a Markdown report and Mermaid diagram. It checks common port mappings, localhost bindings, Traefik-style labels, likely reverse proxy services, and risky directly published database/admin ports.

Important limitation: it does not prove internet reachability, run network scans, connect to containers, modify Compose files, inspect secrets, or upload anything.

GitHub: https://github.com/kaibuild/exposemap

I'm especially looking for sanitized Compose edge cases where the classification is misleading or the wording should be clearer.

you are viewing a single comment's thread
view the rest of the comments
[–] lastweakness@lemmy.world 1 points 1 week ago

How is Rust not problematic? Cargo has the same risks involved afaik