Oh fantastic… That’s another 5 services to test drive.
crunchy@lemmy.dbzer0.com
on 12 Dec 18:36
nextcollapse
I’ve been pretty satisfied with my *arr stack so far, but how are the alternatives?
otacon239@lemmy.world
on 12 Dec 18:50
nextcollapse
Thank you for this! I’ve been trying to find a NextCloud replacement for years. I personally can’t stand the database approach to managing files. So glad to see Sync-In can just add a system folder directly without having to import.
nublug@piefed.blahaj.zone
on 12 Dec 18:52
nextcollapse
switched from portainer to arcane recently. much easier on the eyes and the ability to save compose projects without deploying them yet is exactly what i was looking for. one thing is weird and i should prolly make an issue for it: no horizontal scroll or word wrap function in the compose editor, so for those compose files with extensive comments like npmplus you’ll have to have open in a text editor or webpage to read to the end of lines.
man, arcane looks amazing, I ended up deciding off it though as their pull requests look like they use copilot for a lot of code for new features. Not that I personally have an issue with this but, I’ve seen enough issues where copilot or various AI agents add security vulnerabilities by mistake and they aren’t caught, so I would rather stray away from those types of projects at least until that issue becomes less common/frequent.
For something as detrimental as a management console to a program that runs as root on most systems, and would provide access to potentially high secure locations, I would not want such a program having security vulnerabilities.
while docker does have a non-root installer, the default installer for docker is docker as root, containers as non-root, but since in order to manage docker as a whole it would need access to the socket, if docker has root the container by extension has root.
Even so, if docker was installed in a root-less environment then a compromised manager container would still compromise everything on that docker system, as a core requirement for these types of containers are access to the docker socket which still isn’t great but is still better than full root access.
To answer the question: No it doesn’t require it to function, but the default configuration is root, and even in rootless environment a compromise of the management container that is meant to control other containers will result in full compromise of the docker environment.
nublug@piefed.blahaj.zone
on 13 Dec 01:13
collapse
ugh well that sucks butt. i’ll be trying new alternatives tonight i guess lol
I’m just waiting for something like this with native podman support
priapus@piefed.social
on 12 Dec 19:42
nextcollapse
Those media management apps look great. Sonarr and Radarr have both annoyed me a bit recently, I’ll definitely be looking into them.
suicidaleggroll@lemmy.world
on 12 Dec 20:56
nextcollapse
Thanks! BentoPDF is fantastic, I never knew something like this existed.
I have a todo list where I keep track of services I might be interested in one day, I read your post a few hours ago and added Bento to my list, thinking I might get around to it in a few days/weeks/months. Then out of nowhere 15 minutes ago I randomly needed to crop and split a PDF and realized I didn’t have anything to do it. I fired Bento up and was done in under a minute.
threaded - newest
Oh fantastic… That’s another 5 services to test drive.
I’ve been pretty satisfied with my *arr stack so far, but how are the alternatives?
Thank you for this! I’ve been trying to find a NextCloud replacement for years. I personally can’t stand the database approach to managing files. So glad to see Sync-In can just add a system folder directly without having to import.
switched from portainer to arcane recently. much easier on the eyes and the ability to save compose projects without deploying them yet is exactly what i was looking for. one thing is weird and i should prolly make an issue for it: no horizontal scroll or word wrap function in the compose editor, so for those compose files with extensive comments like npmplus you’ll have to have open in a text editor or webpage to read to the end of lines.
man, arcane looks amazing, I ended up deciding off it though as their pull requests look like they use copilot for a lot of code for new features. Not that I personally have an issue with this but, I’ve seen enough issues where copilot or various AI agents add security vulnerabilities by mistake and they aren’t caught, so I would rather stray away from those types of projects at least until that issue becomes less common/frequent.
For something as detrimental as a management console to a program that runs as root on most systems, and would provide access to potentially high secure locations, I would not want such a program having security vulnerabilities.
Does it have to run as root? It’s common to run Docker in rootless mode in production environments.
while docker does have a non-root installer, the default installer for docker is docker as root, containers as non-root, but since in order to manage docker as a whole it would need access to the socket, if docker has root the container by extension has root.
Even so, if docker was installed in a root-less environment then a compromised manager container would still compromise everything on that docker system, as a core requirement for these types of containers are access to the docker socket which still isn’t great but is still better than full root access.
To answer the question: No it doesn’t require it to function, but the default configuration is root, and even in rootless environment a compromise of the management container that is meant to control other containers will result in full compromise of the docker environment.
ugh well that sucks butt. i’ll be trying new alternatives tonight i guess lol
any recommendations?
I’m just waiting for something like this with native podman support
Those media management apps look great. Sonarr and Radarr have both annoyed me a bit recently, I’ll definitely be looking into them.
Thanks! BentoPDF is fantastic, I never knew something like this existed.
I have a todo list where I keep track of services I might be interested in one day, I read your post a few hours ago and added Bento to my list, thinking I might get around to it in a few days/weeks/months. Then out of nowhere 15 minutes ago I randomly needed to crop and split a PDF and realized I didn’t have anything to do it. I fired Bento up and was done in under a minute.
You might be interested in StirlingPDF too.
Yeah I use StirlingPDF extensively.
I might give Bento a try but ultimately not much incentive to change.
You will love omnitools
Usually I find these lists a bit “meh”, but there’s actually a bunch of stuff here I want to try.
I used compose maker a lot when i started learning docker recently. It’s a great way to see how to use tool.