Skip to content

OpenCanary Container Image

Self-hosted OpenCanary honeypot container image.

Features

  • Deploy a lightweight honeypot that detects and logs unauthorized network access.
  • Supports custom configuration via bind-mounted config files.
  • Ships as a single container image with versioned tags matching upstream releases.

Usage

Pull the image

podman pull registry.gitlab.com/niclas-zone/ctr/opencanary:latest
podman pull registry.gitlab.com/niclas-zone/ctr/opencanary:0.9.8

Run with a config file

podman run \
  -v /path/to/opencanaryd:/etc/opencanaryd:Z \
  -v /path/to/logs:/var/log/opencanary:Z \
  --network host \
  registry.gitlab.com/niclas-zone/ctr/opencanary:latest --start

Run with Quadlet

[Unit]
Description=OpenCanary Honeypot Container
After=network-online.target
Wants=network-online.target

[Container]
ContainerName=opencanary
Image=registry.gitlab.com/niclas-zone/ctr/opencanary:0.9.8
Pull=newer
AutoUpdate=registry
Network=host
Volume=/home/sv-opencanary/opencanary/etc:/etc/opencanaryd:U
Volume=/home/sv-opencanary/opencanary/log:/var/log/opencanary:U
Label=service=opencanary

[Service]
Restart=always
RestartSec=5

[Install]
WantedBy=multi-user.target

Author

Niclas Heinz

Contributing

Contributions are welcome! Please open an issue or submit a merge request if you have suggestions or improvements.

License

  • Container configuration: MIT (see LICENSE).
  • OpenCanary itself: Apache-2.0.