Docker makes every debugging more difficult. Why using it? You are just compiling the whole executable anyway
You don’t have to use docker, a binary is available.
I use docker and I don’t find it especially difficult to work with. Are you facing any particular issue?
2 Likes
Well, it couldn’t run it on my Turris omnia or another NASes, I had to manually extract the executable.
Yes, I know, but my point is that you have to deal with docker issues uselessly. The Docker makes usually the debugging harder, you allways have to explain how to extract logs from docker. Looking at plain log file is always esasier.
Well Alot of people like running it in docker for the main reason its so simple to create and remove a container at anytime an add more then one container to run more nodes if you wanted to pretty simple. Plus the added securities of running it inside of a containing vs running it on a baremetal system.
OK, please delete my issue.
Securities? Maybe, but just running it one separate user is secure enough
Even if you were to run with another user thats not as secure as running it in a container where the storagenode actually lives. Its kinda like when you run windows in sandbox mode where if you got a virus it wouldnt make it into the real windows.
Well, it’s secure enough for a web server…
But you are forgetting that your files are already really securelly encrypted. What’s the point of accessing that?
The only danger is when your executable is infected. And when I run it unique user?
I’m not talking about the files, I’m talking about if the container itself was hacked the user wouldn’t have access to anything but the container.
The web server isn’t secure that is why you don’t open to the public.
All right, I will do it using you manul. am behind Turris Omnia and planned to run the nodes on linux separate user but I will reduce my rick of being packed from 0.001 to 0.0001
I’m sure that it someone hacks your user, it’s probably NOT your node.
Not sure I understand this. Are you saying that you have or have not seen the post about the standalone binaries?
Many NASes don’t allow you to install custom services or simply remove stuff when they are updated. On Synology docker is an excellent solution to work around that. You can very easily redirect the logs to a file with just a simple edit of the config.yaml.
1 Like