luckberg/unraid-docker-manager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6a0551e0d634a428e1fa4962d56b36565aa51444
unraid-docker-manager/.planning/PROJECT.md
T
Lucas Berger b89f78db21 chore: complete v1.1 milestone 
Archived:
- milestones/v1.1-ROADMAP.md
- milestones/v1.1-REQUIREMENTS.md

Deleted (fresh for next milestone):
- REQUIREMENTS.md

Updated:
- MILESTONES.md (new v1.1 entry)
- PROJECT.md (requirements → Validated, updated current state)
- ROADMAP.md (v1.1 collapsed, v1.2 phases added)
- STATE.md (reset for v1.2)

v1.1 shipped: Inline keyboard UX and Docker security hardening
- Phases 6-9 complete (11 plans)
- 4 requirements deferred to v1.2 (UNR-01, ENV-01, ENV-02, WEB-01)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-04 10:55:26 -05:00

107 lines
4.9 KiB
Markdown
Raw Blame History

# Unraid Docker Manager
## What This Is
A Telegram bot that lets you manage Docker containers on your Unraid server via inline keyboard buttons and text commands. Control containers from your phone without needing to open a laptop — check status, view logs, start/stop/restart/update containers, batch operations on multiple containers at once.
## Core Value
When you get a container update notification or notice a service is down, you can immediately investigate and act from your phone.
## Requirements
### Validated
**v1.0:**
- ✓ Send a message to the bot and receive a response — v1.0
- ✓ Check container status ("status") — v1.0
- ✓ Start a container by name — v1.0
- ✓ Stop a container by name — v1.0
- ✓ Restart a container by name — v1.0
- ✓ Update a container (pull new image, recreate) — v1.0
- ✓ View container logs with configurable line count — v1.0
- ✓ Bot only responds to your Telegram user ID — v1.0
**v1.1:**
- ✓ n8n API access for Claude Code (programmatic workflow read/update/test/logs) — v1.1
- ✓ Docker socket security (remove direct socket from internet-exposed n8n) — v1.1
- ✓ Telegram inline keyboard buttons (container list with pagination and action buttons) — v1.1
- ✓ Batch container operations (update/start/stop/restart multiple at once) — v1.1
- ✓ Confirmation dialogs for dangerous actions (stop, update) — v1.1
- ✓ Progress feedback during operations (message edits) — v1.1
### Active
**Milestone v1.2: Modularization & Polish**
- [ ] Workflow modularization (break main workflow into sub-workflows)
- [ ] Environment variable audit (verify TELEGRAM_USERID/BOT_TOKEN necessity)
- [ ] Unraid update sync (clear "update available" when bot updates container)
- [ ] Telegram webhook fix (bot responds when workflow is published)
### Out of Scope
- Taking over Unraid notifications — keep existing notification system, this bot is for control
- Deploying new containers — manage existing only, not create new ones
- Natural language understanding — simple keyword matching sufficient, Claude API adds complexity
- Proactive monitoring/notifications — bot is reactive (you ask, it answers)
- Resource queries — "what's using the most memory?" deferred to future version
## Current State
**Shipped:** v1.1 (2026-02-04)
**Tech stack:** n8n workflow + Telegram Bot API + Docker socket proxy
**Files:** n8n-workflow.json (~8,500 lines), README.md
**Architecture:** tecnativa/docker-socket-proxy filters Docker API access
## Context
**Environment:**
- Unraid server with Intel N100 CPU, 32GB RAM
- n8n container with Docker socket proxy access (no direct socket mount)
- Multiple Docker containers (Plex, Sonarr, lldap, etc.)
- docker-socket-proxy on dockernet network
**Constraints:**
- Platform: Unraid (Docker-based)
- Orchestration: n8n (already running)
- Matching: Keyword/substring with exact-match priority
- Auth: Single user via Telegram ID
- Logs: Configurable line count, default 50, max 1000
- Callback data: 64-byte Telegram limit (affects batch/selection features)
## Key Decisions
| Decision | Rationale | Outcome |
|----------|-----------|---------|
| Use keyword matching over NLU | Simple substring matching works well, Claude API adds complexity | ✓ Good |
| Use n8n for orchestration | Already running, handles Telegram webhooks | ✓ Good |
| Manage existing containers only | Keeps scope focused, deployment rarely needed from mobile | ✓ Good |
| Single user auth via Telegram ID | Simple security, only one person needs access | ✓ Good |
| Static curl binary mount | Hardened n8n image lacks package manager | ✓ Good |
| Exact match priority | Prevents substring collisions (plex vs jellyplex) | ✓ Good |
| Default to :latest tag | Prevents Docker API from pulling all tags | ✓ Good |
| HTML escape logs | Log content may contain <tag> text | ✓ Good |
| docker-socket-proxy for security | Filters dangerous APIs (exec, build, commit) at network level | ✓ Good |
| Container create API allowed | Update command needs container recreation | ✓ Good |
| Colon callback format | Compact format fits 64-byte limit | ✓ Good |
| editMessageText transitions | Clean UX with no message clutter | ✓ Good |
| 30-second confirmation timeout | Prevents stale confirmations | ✓ Good |
| Batch stop requires confirmation | Fuzzy matching risk for destructive operations | ✓ Good |
| Two-phase batch execution | Callbacks have names but no IDs - need lookup | ✓ Good |
| Update all filters to :latest | Performance optimization - full check would be slow | ✓ Good |
## Current Milestone: v1.2 Modularization & Polish
**Goal:** Complete remaining v1.1 scope — modularize workflow for maintainability, fix webhook, audit environment, sync Unraid badges.
**Target features:**
- Workflow modularization (carried from Phase 9.1)
- Webhook fix (WEB-01)
- Environment audit (ENV-01, ENV-02)
- Unraid badge sync (UNR-01)
- Documentation overhaul
---
*Last updated: 2026-02-04 after v1.1 milestone*
Reference in New Issue View Git Blame Copy Permalink