Hi! Question in the title.

I get that its super easy to setup. But its really worthwhile to have something that:

  • runs everything as root (not many well built images with proper useranagement it seems)
  • you cannot really know which stuff is in the images: you must trust who built it
  • lots of mess in the system (mounts, fake networks, rules…)

I always host on bare metal when I can, but sometimes (immich, I look at you!) Seems almost impossible.

I get docker in a work environment, but on self hosted? Is it really worth while? I would like to hear your opinions fellow hosters.

  • vzq@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    0
    ·
    10 months ago

    Apparently I was unclear, I was referring to the security implications of using different manifestations of other people’s code. Those are rather similar.

    I’d recommend reading up on docker and containerization. It is not a script for setting up software.

    I was referring specifically to docker files. Those are almost to the letter scripts for setting up software.

    if that’s what you’re thought is then you really don’t understand containerization and I recommend taking some learnings on it.

    I find your attitude not just uncharitable, but also rude.

    • Scrubbles@poptalk.scrubbles.tech
      link
      fedilink
      arrow-up
      1
      ·
      10 months ago

      and I find misinformation about topics like this also to be rude. It’s perfectly fine if you don’t understand something, but what I don’t like is you going out of your way to dissuade people from using a product when I don’t think you understand the core concepts of it. If you have valid criticisms like security of docker then that’s a different conversation about securing containers, but it’s hard to take them as valid criticisms if the criticism is based on a fundamental misunderstanding of the product.

      I don’t think anyone I have ever talked to professionally or read about docker would ever describe a dockerfile as “scripts for setting up software”. It is much more nuanced then that.

      So yes, I’m a bit rude about it. I do this professionally and I’m very tired of people who don’t understand containerization explain to me how containerization sucks.