Docker provider
The Docker provider exposes Docker daemon metadata as files. It reads through the host-mediated Unix socket capability; the WASM provider does not open arbitrary sockets.
Docker access is powerful because the Docker daemon is powerful. Treat this mount as a read surface over daemon state, not as a harmless local file.
At a glance
Section titled “At a glance”| Field | Value |
|---|---|
| Provider id | docker |
| Default mount | /docker |
| WASM | omnifs_provider_docker.wasm |
| Manifest | providers/docker/omnifs.provider.json |
| Routes | providers/docker/src/lib.rs |
| Auth | none |
| Capabilities | configured Docker Unix socket for daemon access used by the built-in provider’s read-oriented routes; declared memory need 64 MB |
omnifs init dockeromnifs upomnifs shellThe default endpoint is unix:///var/run/docker.sock. Configure another endpoint only when your daemon uses a non-standard socket.
Main paths
Section titled “Main paths”/docker/system/info.json/docker/system/version.json/docker/system/df.json/docker/system/ping/docker/containers.json/docker/compose.json/docker/containers/by-name/{reference}/docker/containers/by-id/{reference}/docker/containers/running/{reference}/docker/containers/stopped/{reference}/docker/compose/{project}/services/{service}/containers/{reference}Container reference directories expose:
inspect.jsonstatesummary.txtExamples
Section titled “Examples”cat /omnifs/docker/system/version.json | jq .cat /omnifs/docker/system/pingls /omnifs/docker/containers/runningcat /omnifs/docker/containers/by-name/postgres/statecat /omnifs/docker/containers/by-name/postgres/inspect.json | jq .Config.Imagecat /omnifs/docker/compose.json | jq .Capability notes
Section titled “Capability notes”omnifs keeps the provider in a WASM sandbox, and the built-in Docker provider currently issues read-oriented daemon requests. The Unix socket grant itself is still high-authority: the host checks the socket path, not a Docker API method/path policy.
The socket file may be mounted read-only into the runtime container, but Docker daemon API access remains powerful. Treat this provider as a high-authority local integration.
Cache behavior
Section titled “Cache behavior”The Docker provider uses direct file and directory routes rather than SDK object routes. Reads are mutable snapshots from Docker API callouts, not durable canonical object reads.