Skip to main content

VPS Setup - Docker Swarm + Traefik + Portainer

Automates VPS setup with Docker Swarm, Traefik, and Portainer for efficient production deployment.

Install this skill

or
0/100

Security score

The VPS Setup - Docker Swarm + Traefik + Portainer skill was audited on May 15, 2026 and we found 71 security issues across 5 threat categories, including 2 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

medium line 387

Template literal with variable interpolation in command context

SourceSKILL.md
387```bash
medium line 479

Template literal with variable interpolation in command context

SourceSKILL.md
479```bash
high line 66

Piping content to bash shell

SourceSKILL.md
66curl -fsSL https://get.docker.com | bash
medium line 66

Curl to non-GitHub URL

SourceSKILL.md
66curl -fsSL https://get.docker.com | bash
medium line 90

Curl to non-GitHub URL

SourceSKILL.md
90curl -fsSL https://download.docker.com/linux/$OS_ID/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
medium line 257

Curl to non-GitHub URL

SourceSKILL.md
257curl -sI http://localhost:80 | head -3
medium line 351

Curl to non-GitHub URL

SourceSKILL.md
351RESPONSE=$(curl -k -s -X POST "https://$VPS_PORTAINER_DOMAIN/api/users/admin/init" \
medium line 365

Curl to non-GitHub URL

SourceSKILL.md
365TOKEN=$(curl -k -s -X POST "https://$VPS_PORTAINER_DOMAIN/api/auth" \
medium line 374

Curl to non-GitHub URL

SourceSKILL.md
374curl -k -s "https://$VPS_PORTAINER_DOMAIN/api/status" | jq .
medium line 668

Curl to non-GitHub URL

SourceSKILL.md
668curl -sk "https://$VPS_EVOLUTION_DOMAIN" | head -c 200
medium line 772

Curl to non-GitHub URL

SourceSKILL.md
772TOKEN=$(curl -k -s -X POST "https://$VPS_PORTAINER_DOMAIN/api/auth" \
medium line 777

Curl to non-GitHub URL

SourceSKILL.md
777curl -k -s "https://$VPS_PORTAINER_DOMAIN/api/endpoints" \
medium line 781

Curl to non-GitHub URL

SourceSKILL.md
781curl -k -s -X POST "https://$VPS_PORTAINER_DOMAIN/api/stacks/create/swarm/string?endpointId=1" \
medium line 875

Curl to non-GitHub URL

SourceSKILL.md
875curl -sI http://SEU_DOMINIO
medium line 884

Curl to non-GitHub URL

SourceSKILL.md
884curl -k -s https://$VPS_PORTAINER_DOMAIN/api/status
medium line 927

Curl to non-GitHub URL

SourceSKILL.md
927curl -sk -H "apikey: SUA_API_KEY" "https://$VPS_EVOLUTION_DOMAIN/instance/fetchInstances"
low line 560

Webhook reference - potential data exfiltration

SourceSKILL.md
560- WA_BUSINESS_TOKEN_WEBHOOK=evolution
low line 575

Webhook reference - potential data exfiltration

SourceSKILL.md
575## Webhook (desabilitado por padrao)
low line 576

Webhook reference - potential data exfiltration

SourceSKILL.md
576- WEBHOOK_GLOBAL_ENABLED=false
medium line 164

Access to root home directory

SourceSKILL.md
164cat > /root/traefik.yaml << 'TRAEFIKEOF'
medium line 235

Access to root home directory

SourceSKILL.md
235sed -i "s/NETWORK_PLACEHOLDER/$VPS_NETWORK/g" /root/traefik.yaml
medium line 236

Access to root home directory

SourceSKILL.md
236sed -i "s/EMAIL_PLACEHOLDER/$VPS_EMAIL_SSL/g" /root/traefik.yaml
medium line 239

Access to root home directory

SourceSKILL.md
239docker stack deploy --prune --resolve-image always -c /root/traefik.yaml traefik
medium line 268

Access to root home directory

SourceSKILL.md
268cat > /root/portainer.yaml << 'PORTAINEREOF'
medium line 318

Access to root home directory

SourceSKILL.md
318sed -i "s/NETWORK_PLACEHOLDER/$VPS_NETWORK/g" /root/portainer.yaml
medium line 319

Access to root home directory

SourceSKILL.md
319sed -i "s/PORTAINER_DOMAIN_PLACEHOLDER/$VPS_PORTAINER_DOMAIN/g" /root/portainer.yaml
medium line 322

Access to root home directory

SourceSKILL.md
322docker stack deploy --prune --resolve-image always -c /root/portainer.yaml portainer
medium line 396

Access to root home directory

SourceSKILL.md
396cat > /root/postgres.yaml << POSTGRESEOF
medium line 440

Access to root home directory

SourceSKILL.md
440sed -i "s/NETWORK_PLACEHOLDER/$VPS_NETWORK/g" /root/postgres.yaml
medium line 443

Access to root home directory

SourceSKILL.md
443docker stack deploy --prune --resolve-image always -c /root/postgres.yaml postgres
medium line 481

Access to root home directory

SourceSKILL.md
481POSTGRES_PASS="${VPS_POSTGRES_PASS:-$(grep 'POSTGRES_PASSWORD' /root/postgres.yaml | awk -F '=' '{print $2}')}"
medium line 496

Access to root home directory

SourceSKILL.md
496cat > /root/evolution.yaml << 'EVOLUTIONEOF'
medium line 634

Access to root home directory

SourceSKILL.md
634sed -i "s/EVOLUTION_DOMAIN_PLACEHOLDER/$VPS_EVOLUTION_DOMAIN/g" /root/evolution.yaml
medium line 635

Access to root home directory

SourceSKILL.md
635sed -i "s/EVOLUTION_APIKEY_PLACEHOLDER/$EVOLUTION_API_KEY/g" /root/evolution.yaml
medium line 636

Access to root home directory

SourceSKILL.md
636sed -i "s/POSTGRES_PASS_PLACEHOLDER/$POSTGRES_PASS/g" /root/evolution.yaml
medium line 637

Access to root home directory

SourceSKILL.md
637sed -i "s/NETWORK_PLACEHOLDER/$VPS_NETWORK/g" /root/evolution.yaml
medium line 640

Access to root home directory

SourceSKILL.md
640docker stack deploy --prune --resolve-image always -c /root/evolution.yaml evolution
medium line 695

Access to root home directory

SourceSKILL.md
695docker stack deploy --prune --resolve-image always -c /root/portainer.yaml portainer
medium line 708

Access to root home directory

SourceSKILL.md
708docker stack deploy --prune --resolve-image always -c /root/portainer.yaml portainer
medium line 713

Access to root home directory

SourceSKILL.md
713docker stack deploy --prune --resolve-image always -c /root/traefik.yaml traefik
medium line 739

Access to root home directory

SourceSKILL.md
739docker stack deploy --prune --resolve-image always -c /root/evolution.yaml evolution
medium line 786

Access to root home directory

SourceSKILL.md
786\"stackFileContent\": \"$(cat /root/meu-servico.yaml | jq -sR .)\"
medium line 815

Access to root home directory

SourceSKILL.md
815docker stack deploy --prune --resolve-image always -c /root/traefik.yaml traefik
medium line 906

Access to root home directory

SourceSKILL.md
906# docker stack deploy --prune --resolve-image always -c /root/postgres.yaml postgres
medium line 924

Access to root home directory

SourceSKILL.md
924grep "AUTHENTICATION_API_KEY" /root/evolution.yaml
high line 945

Access to root home directory

SourceSKILL.md
9455. **Salve os YAMLs** em `/root/` para facilitar redeploys futuros
medium line 86

Access to system keychain/keyring

SourceSKILL.md
86sudo install -m 0755 -d /etc/apt/keyrings
medium line 90

Access to system keychain/keyring

SourceSKILL.md
90curl -fsSL https://download.docker.com/linux/$OS_ID/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
medium line 91

Access to system keychain/keyring

SourceSKILL.md
91sudo chmod a+r /etc/apt/keyrings/docker.gpg
medium line 93

Access to system keychain/keyring

SourceSKILL.md
93echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/$OS_ID $OS_CODENAME stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev
low line 66

External URL reference

SourceSKILL.md
66curl -fsSL https://get.docker.com | bash
low line 90

External URL reference

SourceSKILL.md
90curl -fsSL https://download.docker.com/linux/$OS_ID/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
low line 93

External URL reference

SourceSKILL.md
93echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/$OS_ID $OS_CODENAME stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev
low line 257

External URL reference

SourceSKILL.md
257curl -sI http://localhost:80 | head -3
low line 351

External URL reference

SourceSKILL.md
351RESPONSE=$(curl -k -s -X POST "https://$VPS_PORTAINER_DOMAIN/api/users/admin/init" \
low line 365

External URL reference

SourceSKILL.md
365TOKEN=$(curl -k -s -X POST "https://$VPS_PORTAINER_DOMAIN/api/auth" \
low line 374

External URL reference

SourceSKILL.md
374curl -k -s "https://$VPS_PORTAINER_DOMAIN/api/status" | jq .
low line 377

External URL reference

SourceSKILL.md
377echo "Portainer acessível em: https://$VPS_PORTAINER_DOMAIN"
low line 511

External URL reference

SourceSKILL.md
511- SERVER_URL=https://EVOLUTION_DOMAIN_PLACEHOLDER
low line 561

External URL reference

SourceSKILL.md
561- WA_BUSINESS_URL=https://graph.facebook.com
low line 668

External URL reference

SourceSKILL.md
668curl -sk "https://$VPS_EVOLUTION_DOMAIN" | head -c 200
low line 673

External URL reference

SourceSKILL.md
673echo "Manager: https://$VPS_EVOLUTION_DOMAIN/manager"
low line 674

External URL reference

SourceSKILL.md
674echo "BaseUrl: https://$VPS_EVOLUTION_DOMAIN"
low line 772

External URL reference

SourceSKILL.md
772TOKEN=$(curl -k -s -X POST "https://$VPS_PORTAINER_DOMAIN/api/auth" \
low line 777

External URL reference

SourceSKILL.md
777curl -k -s "https://$VPS_PORTAINER_DOMAIN/api/endpoints" \
low line 781

External URL reference

SourceSKILL.md
781curl -k -s -X POST "https://$VPS_PORTAINER_DOMAIN/api/stacks/create/swarm/string?endpointId=1" \
low line 850

External URL reference

SourceSKILL.md
850| Portainer CE | 1/1 | `https://$VPS_PORTAINER_DOMAIN` |
low line 852

External URL reference

SourceSKILL.md
852| Evolution API | 1/1 | `https://$VPS_EVOLUTION_DOMAIN` |
low line 875

External URL reference

SourceSKILL.md
875curl -sI http://SEU_DOMINIO
low line 884

External URL reference

SourceSKILL.md
884curl -k -s https://$VPS_PORTAINER_DOMAIN/api/status
low line 927

External URL reference

SourceSKILL.md
927curl -sk -H "apikey: SUA_API_KEY" "https://$VPS_EVOLUTION_DOMAIN/instance/fetchInstances"
Scanned on May 15, 2026
View Security Dashboard
Installation guide →
GitHub Stars 2.0K
Rate this skill
Categorydevelopment
UpdatedJune 10, 2026
openclawdevopsbackenddevops-srebackend-developeroperations-managerdocker🇧🇷 BRdevelopmentoperations
LeoYeAI/openclaw-master-skills