this post was submitted on 02 Jun 2026
26 points (84.2% liked)

Selfhosted

59697 readers
631 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

  7. No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
26
ExposeMap: a small CLI to map what a Docker Compose file appears to expose (lemmy.world)
submitted 4 days ago by kaibuild@lemmy.world to c/selfhosted@lemmy.world
4 comments fedilink hide all child comments
 

I wanted a quick local way to review my own Docker Compose stacks before assuming a service was private, behind a reverse proxy, or only bound to localhost.

ExposeMap is a small open-source CLI that reads a docker-compose.yml file and reports exposure hints: internal, localhost-only, directly exposed from Compose config, reverse-proxy exposed, or unknown.

It generates a Markdown report and Mermaid diagram. It checks common port mappings, localhost bindings, Traefik-style labels, likely reverse proxy services, and risky directly published database/admin ports.

Important limitation: it does not prove internet reachability, run network scans, connect to containers, modify Compose files, inspect secrets, or upload anything.

GitHub: https://github.com/kaibuild/exposemap

I'm especially looking for sanitized Compose edge cases where the classification is misleading or the wording should be clearer.

top 4 comments
sorted by: hot top controversial new old
[–] themachine@lemmy.world 13 points 4 days ago

Is this a vibe coded npm app that's purpose is to avoid reading and understanding your own compose files?

[–] clmbmb@lemmy.dbzer0.com 16 points 4 days ago (1 children)

I don't get why people don't try to use other languages for these type of CLI tools. I get that they are familiar with JavaScript, but npm is a nightmare right now and I wouldn't install anything with it for some time.

There's always shell scripting available, also Go, Rust and lots of other options (I specifically don't mention Python, as pip is also a bit problematic).

[–] lastweakness@lemmy.world 1 points 1 day ago

How is Rust not problematic? Cargo has the same risks involved afaik

[–] irmadlad@lemmy.world 2 points 4 days ago

Hey, thanks for sharing bro.