{"id":"btcpayserver-docker-gen","name":"docker-gen","homepage":"https://hub.docker.com/r/btcpayserver/docker-gen","repo_url":"https://hub.docker.com/r/btcpayserver/docker-gen","category":"infrastructure","subcategories":[],"tags":["docker","templates","reverse-proxy","configuration-generation","devops","infrastructure","automation"],"what_it_does":"docker-gen is a utility that watches Docker events/templates and generates files (typically reverse-proxy routing config such as Nginx/HAProxy) based on container metadata, enabling dynamic service configuration without manual edits.","use_cases":["Generate load balancer/reverse-proxy configuration from running Docker containers","Automatic routing updates when containers start/stop","Run as a sidecar/container in Docker environments for dynamic infrastructure configuration"],"not_for":["Producing a generic application API for consumption by clients","Use as a secure secrets management system","Environments where Docker metadata is unavailable or templates cannot be rendered safely"],"best_when":"You need rapid, container-driven regeneration of proxy/router config in self-managed Docker hosts.","avoid_when":"You require a stable, strongly typed remote API contract (this is a local generator/sidecar pattern).","alternatives":["Traefik (dynamic discovery + built-in config generation)","Caddy with Docker integration","nginx-proxy/letsencrypt-nginx-proxy-companion","HashiCorp Consul/nomad service discovery with a templating layer","Kubernetes-native ingress controllers (if on K8s)"],"af_score":26.2,"security_score":21.0,"reliability_score":35.0,"package_type":"mcp_server","discovery_source":["docker_mcp"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T21:33:54.855063+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":[],"oauth":false,"scopes":false,"notes":"No client authentication is described because docker-gen is typically run locally in the same environment and connects to the Docker engine (which may require Docker daemon access). Any security posture depends on how you grant Docker socket/daemon permissions."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Open-source/self-hosted utility; pricing depends on your infrastructure and any orchestration you run it under."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":26.2,"security_score":21.0,"reliability_score":35.0,"mcp_server_quality":0.0,"documentation_accuracy":20.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":60.0,"rate_limit_clarity":0.0,"tls_enforcement":20.0,"auth_strength":20.0,"scope_granularity":0.0,"dependency_hygiene":40.0,"secret_handling":30.0,"security_notes":"Primary risk is operational: docker-gen typically needs access to the Docker daemon or socket, which can be high-privilege. Template rendering can be a vector for misconfiguration if untrusted container labels/metadata are used. There’s no evidence here of end-user TLS/auth controls since it’s not an external network service.","uptime_documented":0.0,"version_stability":50.0,"breaking_changes_history":50.0,"error_recovery":40.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["docker-gen is sidecar/template-driven; there is no stable remote API to call for queries","it relies on Docker event streams/metadata; behavior depends heavily on Docker socket/permissions and template correctness","generated config reload semantics (and idempotency) depend on your chosen target process (e.g., nginx reload) rather than docker-gen itself"]}}