{"id":38809344,"url":"https://github.com/thelolagemann/docker-xmrig-mo","last_synced_at":"2026-01-17T12:53:31.568Z","repository":{"id":64305355,"uuid":"398921978","full_name":"thelolagemann/docker-xmrig-mo","owner":"thelolagemann","description":"a tiny docker container for running xmrig-mo","archived":false,"fork":false,"pushed_at":"2024-12-12T06:55:15.000Z","size":80,"stargazers_count":6,"open_issues_count":1,"forks_count":3,"subscribers_count":3,"default_branch":"main","last_synced_at":"2024-12-12T07:22:42.865Z","etag":null,"topics":["amd","argon2","container","cpuminer","cryptocurrency","cryptonight","docker","ghostrider","intel","kawpow","miner","mining","monero","nvidia","randomx","raptoreum","ryzen","xmr","xmrig","zen"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/thelolagemann.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-08-22T23:28:33.000Z","updated_at":"2024-12-12T06:55:19.000Z","dependencies_parsed_at":"2024-12-12T07:21:00.969Z","dependency_job_id":"cbc827c2-58a6-4beb-8c10-2fee63241c57","html_url":"https://github.com/thelolagemann/docker-xmrig-mo","commit_stats":null,"previous_names":[],"tags_count":15,"template":false,"template_full_name":null,"purl":"pkg:github/thelolagemann/docker-xmrig-mo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thelolagemann%2Fdocker-xmrig-mo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thelolagemann%2Fdocker-xmrig-mo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thelolagemann%2Fdocker-xmrig-mo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thelolagemann%2Fdocker-xmrig-mo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/thelolagemann","download_url":"https://codeload.github.com/thelolagemann/docker-xmrig-mo/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thelolagemann%2Fdocker-xmrig-mo/sbom","scorecard":{"id":879095,"data":{"date":"2025-08-11","repo":{"name":"github.com/thelolagemann/docker-xmrig-mo","commit":"639bf5faf2121119b499267d6e01ad37f49c5493"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.9,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/main.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":1,"reason":"dependency not pinned by hash detected -- score normalized to 1","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/thelolagemann/docker-xmrig-mo/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/thelolagemann/docker-xmrig-mo/main.yml/main?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:1","Warn: containerImage not pinned by hash: Dockerfile:17","Warn: containerImage not pinned by hash: Dockerfile:23","Warn: containerImage not pinned by hash: Dockerfile:31","Warn: containerImage not pinned by hash: Dockerfile:41: pin your Docker image by updating alpine:3.14.1 to alpine:3.14.1@sha256:eb3e4e175ba6d212ba1d6e04fc0782916c08e1c9d7b45892e9796141b1d379ae","Warn: npmCommand not pinned by hash: Dockerfile:37","Info: 0 out of 1 GitHub-owned GitHubAction dependencies pinned","Info: 2 out of 3 third-party GitHubAction dependencies pinned","Info: 0 out of 5 containerImage dependencies pinned","Info: 0 out of 1 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/main.yml:13"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 1 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-24T07:20:27.394Z","repository_id":64305355,"created_at":"2025-08-24T07:20:27.394Z","updated_at":"2025-08-24T07:20:27.394Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28508745,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-17T11:50:55.898Z","status":"ssl_error","status_checked_at":"2026-01-17T11:50:55.569Z","response_time":85,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["amd","argon2","container","cpuminer","cryptocurrency","cryptonight","docker","ghostrider","intel","kawpow","miner","mining","monero","nvidia","randomx","raptoreum","ryzen","xmr","xmrig","zen"],"created_at":"2026-01-17T12:53:30.743Z","updated_at":"2026-01-17T12:53:31.538Z","avatar_url":"https://github.com/thelolagemann.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# xmrig-mo-docker\nA tiny docker container for quickly getting up and running with the MoneroOcean fork of xmrig.\n\n![Docker Image Size (latest by date)](https://img.shields.io/docker/image-size/thelolagemann/xmrig-mo?style=flat-square)\n![GitHub Actions Workflow Status](https://img.shields.io/github/actions/workflow/status/thelolagemann/docker-xmrig-mo/main.yml)\n![Xmrig Version](https://img.shields.io/badge/xmrig-v6.22.2-orange?style=flat-square)\n### Table of Contents\n* [Quick Start](#quick-start)\n* [Usage](#usage)\n * [Environment Variables](#environment-variables)\n * [Data Volumes](#data-volumes)\n * [Ports](#ports)\n* [Docker Compose](#docker-compose)\n* [Notes](#notes)\n * [User/Group IDs](#usergroups-ids)\n * [Configuration](#configuration)\n * [MSR](#msr)\n* [Building](#building)\n\n## Quick start\n\u003e :warning: Unfortunately it is not possible to apply MSR mod without the privileged flag. This carries severe security\n\u003e implications and should not be used lightly as it grants full access to the host.\n\n**NOTE**: The command provided is an example and should be adjusted for your needs. \n\nLaunch the miner with the following command:\n\n```bash\ndocker run -d \\\n --name=\"xmrig-mo\" \\\n -p \"127.0.0.1:3001:3001\" \\\n -v /cfg/xmrig-mo:/cfg \\\n -e WALLET_ADDRESS=\"88yUzYzB9wrR2r2o1TzXxDMENr6Kbadr3caqKTBUNFZ3dWVt6sJcpWBAwMwNRtEi7nHcBcqzmExNfdNK7ughaCeUFuXXpPp\" \\\n --restart=always \\\n --privileged \\\n thelolagemann/xmrig-mo:latest\n```\nWhere:\n* `/cfg/xmrig-mo`: The directory that will contain any configuration files.\n* `WALLET_ADDRESS`: The XMR wallet address to mine to.\n\nUpon first running the container, the miner will perform a short benchmark that should take just a few minutes. These\nresults are saved in the config.json file under the mounted `/cfg` directory. Once these benchmarks are complete, you\nwill be able to access the xmrig-workers GUI at `http://host-ip:3001`. \n\n## Usage\n```bash\ndocker run [-d] \\\n --name=xmrig-mo \\\n [ -e \u003cVARIABLE_NAME\u003e=\u003cVALUE\u003e]... \\\n [-v \u003cHOST_DIR\u003e:\u003cCONTAINER_DIR\u003e[:PERMISSIONS] ]... \\\n [-p \u003cHOST_PORT\u003e:\u003cCONTAINER_PORT\u003e ]... \\\n thelolagemann/xmrig-mo\n```\n\n| **Parameter** | **Description** |\n|---------------|-----------------------------------------------------------------------------------------------------------------------------------------------|\n| `-d` | Run the container in the background. If not set, the container runs in the foreground. |\n| `-e` | Pass an environment variable to the container. See the [Environment Variables](#env) section for more details. |\n| `-v` | Set a volume mapping (allows to share a folder between the host and the container). See the [Data Volumes](#volumes) section for more details |\n| `-p` | Set a network port mapping (exposes an internal container port to the host). See the [Ports](#ports) section for more details |\n\n### Environment Variables\n\n| **Variable** | **Description** | **Default** |\n|-------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------|\n| `PUID` | User ID of the application. See [User/Group IDs](#usergroups-ids) to better understand when and why this should be set. | `1000` |\n| `PGID` | Group ID of the application. See [User/Group IDs](#usergroups-ids) to better understand when and why this should be set. | `1000` |\n| `RIG_NAME` | Name used to identify the mining rig. | Randomly generated |\n| `API_TOKEN` | API token used to access the xmrig API. | Randomly generated |\n| `WALLET_ADDRESS` | The xmr wallet to payout to. | (unset) |\n| `XMRIG_API_ENABLED` | Enable the xmrig API. | `true` |\n| `XMRIG_WORKERS_ENABLED` | Enable xmrig-workers\u003csup\u003e[1](#envFt1)\u003c/sup\u003e | `true` |\n| `XMRIG_WORKERS_AUTOCONFIGURE` | Automatically inject the xmrig api configuration into the xmrig-workers GUI.\u003csup\u003e[2](#envFt2)\u003c/sup\u003e | `true` |\n| `BENCHMARK` | Enable benchmarks. By default the benchmarks will only be performed on the initial run. Useful when deploying to environments with dynamically allocated resources. | (unset) |\n\n\u003csup\u003e\u003ca name=\"envFt1\"\u003e1\u003c/a\u003e: *Enabling xmrig-workers automatically enables the xmrig API*\n\n\u003csup\u003e\u003ca name=\"envFt2\"\u003e2\u003c/a\u003e: *This will automatically inject the API access token which may pose a security risk if you\nhave your container exposed to the internet.*\n\n### Data Volumes\nThe following table describes data volumes used by the container. The mappings are set via the `-v` parameter.\n\n| **Container Path** | **Permissions** | **Description** |\n|--------------------|-----------------|---------------------------------------------------------------------|\n| `/cfg` | rw | This is where the miner stores its [configuration](#configuration). |\n\n### Ports\nA list of ports used by the container. They can be mapped to the host via the `-p` parameter (one per port mapping).\n\n| Port | Required | Description |\n|--------|----------|--------------------------------------------------------------------------|\n| `3000` | No | Port used to query the xmrig API |\n| `3001` | No | Port to access xmrig-workers web UI \u003csup\u003e[1](#xmrigWorkerFootnote)\u003c/sup\u003e |\n\n\u003csup\u003e\u003ca name=\"xmrigWorkerFootnote\"\u003e1\u003c/a\u003e: *Enabling xmrig-workers automatically enables the xmrig API, which may pose \nissues if port `3000` isn't exposed from the container. In order to overcome this, any requests made to \nhttp://localhost:3001 with the Authorization header present are proxied internally.*\u003c/sup\u003e\n\n## Docker Compose\n\nHere is an example of a `docker-compose.yml` file that can be used with [docker-compose](#https://docs.docker.com/compose).\n\n**NOTE**: Make sure to adjust the configuration according to your needs. \n\n```yaml\nversion: \"3.9\"\nservices:\n xmrig-mo:\n image: thelolagemann/xmrig-mo\n ports:\n - \"3000:3000\"\n - \"3001:3001\"\n volumes:\n - \"$HOME/xmrig-mo:/cfg:rw\"\n environment:\n - WALLET_ADDRESS: \"88yUzYzB9wrR2r2o1TzXxDMENr6Kbadr3caqKTBUNFZ3dWVt6sJcpWBAwMwNRtEi7nHcBcqzmExNfdNK7ughaCeUFuXXpPp\"\n - RIG_NAME: \"docker-cpu\"\n```\n\n## Notes\n\n### User/Groups IDs\nOften when using data volumes (`-v` flags) with docker, you will run into permissions issues that occur between the host\nand container. See [here](https://medium.com/@mccode/understanding-how-uid-and-gid-work-in-docker-containers-c37a01d01cf)\nfor a more detailed breakdown of why this happens. \n\nTo avoid these issues, specify the user ID and group ID that the application should run as by specifying the `PUID` and\n`PGID` environment variables. By default, these are set to 1000:1000 which is generally the default UID/GID used\nfor the first non-system account created. If you are unsure as to the UID/GID of a username, run the following command:\n\n`id \u003cusername\u003e`\n\nWhich should output something like\n\n`uid=1000(username) gid=1000(username) groups=1000(username),4(adm),27(sudo),119(lpadmin)\n`\n\n### Configuration\nAlthough the environment variables should provide you with most of the configuration options needed to run this\ncontainer, there may be times when you want to alter the configuration of xmrig. This is as simple as locating the \n`config.json` file in your `/cfg` mount, making your wanted changes and saving the file. xmrig will automatically \nreload the configuration when it detects that the file has been modified.\n\n### MSR\nIn order to apply MSR registers, the docker container must be run with the `--privileged` flag.\n\n## Building\nIn order to build the container run the command.\n\n```bash\ndocker build -f Dockerfile .\n```\n\nWhen building docker containers, you can pass build arguments with the `--build-arg` flag. Listed below are the available\nbuild arguments you can pass during build.\n\n| Argument | Description | Default |\n|-----------------|----------------------------------|--------------|\n| `XMRIG_VERSION` | The version of xmrig-mo to build | `6.22.2-mo1` |\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthelolagemann%2Fdocker-xmrig-mo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthelolagemann%2Fdocker-xmrig-mo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthelolagemann%2Fdocker-xmrig-mo/lists"}