Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil.
-
No spam.
-
Posts are to be related to self-hosting.
-
Don't duplicate the full text of your blog or readme if you're providing a link.
-
Submission headline should match the article title.
-
No trolling.
-
Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.
-
AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
Imagine your containers as very lightweight mini-VMs. Would you run everything as root in your virtual machines? Containers aren't really that different to classical VMs from an operations point of view. You have a different attack surface, but it is still there, and running as a non-root user inside the container reduces this attack surface, and should IMHO be the default. Privileged containers and users may be required for specific purposes, but should not be the norm, if possible.
This comment shows misunderstanding of what container and virtual machines are and how the technology behind each concept works. Containers are NOT virtual machines, do not treat them as such.
You're right, containers are not VMs, and I've never claimed that. For the matter of basic unix access control for a beginner they are similar enough to treat them as such. It's enough of a baseline for basic security for a beginners workload imo. For advanced use cases - absolutely do not treat containers as you would VMs.