Flatpak has better security features than docker. While its true it’s not designed with server apps in mind, it is possible to use its underlying “bubblewrap” to create isolated environments. Maybe in the future, tooling will improve its features and bridge the gap.
- 1 Post
- 15 Comments
Joined 1 year ago
Cake day: July 9th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
This blog post explains it well:
https://cosmicbyt.es/posts/demistifying-containers-part-1/
Essentially, containers are means of creating environments in which you can run software, and those environments are:
- isolated, which makes it a very controlled environment. Much harder to run into errors
- reproducible: we have tools that reproduce the same container from an image file
- easy to distribute: just have the container image.
- little to no compromises on performance (at least on Linux)
It is essentially a way for you to run a program without having to worry how to set up the environment, why it didn’t work as expected, what dependencies you’re missing, etc.
2·8 months agoHow much RAM would this consume?
Containers have numerous other benefits. Checkout this blog post, it goes into some of them:
Web browser, mobile app, smart TV app (android TV and other options).
There’s a list of clients somewhere. Maybe there’s a desktop app too idk.
I would recommend you mention “graphical” or “GUI” in your main post. Most suggestions to be assuming CLI.
Some suggestions mentioned NFS / SSHFS. Those would allow you to use any GUI file manager for moving stuff over.
Sorry I can’t help more. Don’t have a lot of knowledge in gui tools
Can you tell us what’s your issue with scp? It’ll help us make better recommendations.
Sshfs is also a good candidate if for whatever reason you want security / encryption
Would this work offline? Say a device only has access to LAN; no outside access. Can it still verify correctly?
I talked about this a bit in my post, but my issue with small step is it seems I have to maintain a web service and obtain my certs through API requests. I worry that this might be more hassle and setup than just generating the cert on a CLI for the two end points I have.
Am I over estimating the overhead here?
I should’ve linked it in my post, but unfortunately that’s the first guide I tried which gave me the issues I mentioned in first paragraph :(
Did it work for you?? Browser would not accept my certs even if I trust them locally.
Would that even work? Pointing my domain to a 192 IP address? I don’t see how that would work.
Looks great! I’m happy there’s a lot of depth here! Will report back when I go through it. Thanks a lot!
I do this already using systemd service (well technically OpenRC script, but I doubt you’re using openRC. Systemd is equivalent).
They’re similar under the good, but flatpak is optimized for desktop use. Docker targets server applications.