## Docker Compose (recommended)

The quickest path to a production deployment:

```yaml
services:
  sundew:
    image: karpie28/sundew:latest
    ports:
      - "8080:8080"
    volumes:
      - ./data:/app/data
    cap_drop:
      - ALL
    read_only: true
    tmpfs:
      - /tmp
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8080/health"]
      interval: 30s
      timeout: 5s
      retries: 3
```
## Security hardening

Sundew's Docker image is hardened by default:

| Property | Default |
|---|---|
| Root filesystem | Read-only (`--read-only`) |
| User | Non-root, UID 1001 (`sundew`) |
| Capabilities | None (`--cap-drop=ALL`) |
| Writable paths | `./data/` only |
| Health check | `/health` endpoint |
## Network isolation

For maximum security, deploy with no outbound network access:

```bash
docker run --network=none karpie28/sundew:latest
```

Or use a dedicated bridge network with no internet access:

```bash
docker network create --internal sundew-net
docker run --network=sundew-net karpie28/sundew:latest
```
## Storage limits

Prevent disk exhaustion from high-traffic attacks:

```bash
docker run --storage-opt size=1G karpie28/sundew:latest
```

Sundew also has built-in limits:

- SQLite database: 500 MB max (oldest events pruned)
- JSONL log: 100 MB with 5 rotated backups
- Rate limiting: 100 req/s per source IP (configurable)
## Deployment checklist

Before going live, verify:

- **Network isolation**: the container has no outbound network access (`--network=none` or an internal bridge).
- **Read-only filesystem**: the root filesystem is read-only, with only `./data/` writable.
- **Non-root execution**: the process runs as a non-root user (UID 1001).
- **No real credentials**: no real API keys, tokens, or passwords anywhere in config or persona files.
- **Canary validation**: all canary tokens are verifiably fake (`sundew validate-config`).
- **Log rotation**: storage limits are configured to prevent disk exhaustion.
- **Host firewall**: only the honeypot port is open inbound; no egress is allowed.
- **Security audit**: `make audit` passes (pip-audit + bandit + security tests).
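The checklist items that concern the container itself (read-only root, non-root user, dropped capabilities, writable paths, network isolation, storage limit, health check) can be verified mechanically from the daemon's own view of the container. The script below is an added example, not part of the Sundew project or its `make audit` target: it parses the JSON printed by `docker inspect <container>` and `docker network inspect <network>` and evaluates each of those items, so it also covers the hardening table and the network-isolation and storage-limit sections above. The field names are the ones Docker's inspect output uses; the UID/user name, the `/app/data` mount path and the embedded sample records are assumptions constructed to mirror the compose file in this page.

```python
"""Check a running Sundew container against the deployment checklist.

Parses the JSON that `docker inspect <container>` and
`docker network inspect <network>` print and evaluates the items the
checklist can verify from the daemon's point of view. Constructed sample
data is embedded so the script runs offline; pass a container name to
audit a live deployment instead.
"""
import json
import subprocess
import sys

EXPECTED_UID = "1001"        # non-root UID documented for the image
EXPECTED_USER = "sundew"     # the same account by name
WRITABLE_DEST = "/app/data"  # the only path that should be writable


def _network_isolated(host_config, networks):
    """True on the 'none' network or on a user-defined network created with --internal."""
    mode = host_config.get("NetworkMode", "")
    if mode == "none":
        return True
    net = networks.get(mode) or {}
    return bool(net.get("Internal"))


def _only_data_writable(mounts):
    """True when every writable, disk-backed mount targets /app/data (tmpfs is memory-only)."""
    return all(
        m.get("Destination") == WRITABLE_DEST
        for m in mounts
        if m.get("RW") and m.get("Type") != "tmpfs"
    )


def audit(container, networks=None):
    """Map each checklist item to True/False using docker inspect output."""
    networks = networks or {}
    host = container.get("HostConfig", {})
    cfg = container.get("Config", {})
    user = str(cfg.get("User", "")).split(":")[0]  # "1001", "1001:1001" or "sundew"
    cap_drop = [c.upper() for c in host.get("CapDrop") or []]
    cap_add = host.get("CapAdd") or []
    # --storage-opt size= is only honoured by storage drivers with quota support
    # (e.g. overlay2 on xfs mounted with pquota); this only confirms it was requested.
    storage = host.get("StorageOpt") or {}
    return {
        "read-only rootfs": bool(host.get("ReadonlyRootfs")),
        "non-root user": user in (EXPECTED_UID, EXPECTED_USER),
        "all capabilities dropped": "ALL" in cap_drop and not cap_add,
        "only ./data writable": _only_data_writable(container.get("Mounts", [])),
        "network isolated": _network_isolated(host, networks),
        "storage limit set": "size" in storage,
        "health check defined": bool((cfg.get("Healthcheck") or {}).get("Test")),
    }


def failures(container, networks=None):
    """Names of the checklist items that did not pass, in checklist order."""
    return [name for name, ok in audit(container, networks).items() if not ok]


# Constructed sample mirroring the compose file above, plus an --internal network.
SAMPLE_CONTAINER = {
    "Config": {
        "User": "1001",
        "Healthcheck": {"Test": ["CMD", "curl", "-f", "http://localhost:8080/health"]},
    },
    "HostConfig": {
        "ReadonlyRootfs": True,
        "CapDrop": ["ALL"],
        "CapAdd": None,
        "NetworkMode": "sundew-net",
        "Tmpfs": {"/tmp": ""},
        "StorageOpt": {"size": "1G"},
    },
    "Mounts": [
        {"Type": "bind", "Source": "/srv/sundew/data", "Destination": "/app/data", "RW": True}
    ],
}
SAMPLE_NETWORKS = {"sundew-net": {"Name": "sundew-net", "Internal": True}}

# Constructed variant with two regressions, to show what a failing audit looks like.
SAMPLE_DRIFTED = json.loads(json.dumps(SAMPLE_CONTAINER))
SAMPLE_DRIFTED["HostConfig"].update({"NetworkMode": "bridge", "ReadonlyRootfs": False})


def _docker_json(*args):
    """Run a docker inspect-style command and return its first JSON object."""
    out = subprocess.run(
        ["docker", *args, "--format", "{{json .}}"],
        check=True, capture_output=True, text=True,
    ).stdout
    return json.loads(out.splitlines()[0])


if __name__ == "__main__":
    if len(sys.argv) > 1:  # live audit of a named container
        container = _docker_json("inspect", sys.argv[1])
        mode = container["HostConfig"]["NetworkMode"]
        # "none", "default" and "host" are not user-defined networks; the latter two cannot be internal
        networks = {} if mode in ("none", "default", "host") else {mode: _docker_json("network", "inspect", mode)}
    else:
        container, networks = SAMPLE_CONTAINER, SAMPLE_NETWORKS
    for name, ok in audit(container, networks).items():
        print(f"[{'PASS' if ok else 'FAIL'}] {name}")
    sys.exit(1 if failures(container, networks) else 0)
```

Run it with no arguments to see the embedded sample pass, or as `python audit_sundew.py <container>` on a host with Docker to audit a live container; a non-zero exit on any failure lets it sit in a pre-launch CI step. The credential and canary items are deliberately left to `sundew validate-config`, since they depend on the persona files rather than on container settings.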
## Building from source

```bash
docker build -t sundew:local .
docker run -p 8080:8080 -v ./data:/app/data sundew:local
```

The Dockerfile uses a multi-stage build on Docker Hardened Images (`dhi.io/python:3.13-alpine`) with non-root execution, no shell, and a minimal attack surface.