January 4, 20206 yr I have been curious about the game server dockers available in the Community apps plug-in. I was wondering what kind of steps should I take to harden UnRaid sufficiently and securely expose a docker container to the internet?
January 5, 20206 yr 11 hours ago, Spoonikle said: I have been curious about the game server dockers available in the Community apps plug-in. I was wondering what kind of steps should I take to harden UnRaid sufficiently and securely expose a docker container to the internet? That is the wrong question It is the container that will be exposed so you need to determine from the container developer how hardened the container is. To some extent you will be protected if you only give the container limited access to your server in the path mapping.
January 27, 20206 yr Author Then mapping the container to a second interface and putting it in a VLAN should be sufficent, as long as the container is secure - Uraid is safe behind it?
April 17, 20206 yr What are the benefits of doing this and how do you do that? Edited April 17, 20206 yr by dubbly
April 17, 20206 yr On 1/27/2020 at 6:53 PM, Spoonikle said: Then mapping the container to a second interface and putting it in a VLAN should be sufficent, as long as the container is secure - Uraid is safe behind it? When you assign a docker container to a custom (macvlan) network, it will not be able to talk to the host. In other words it has already network isolation. You may put containers in a dedicated network, but from a security point of view this doesn't make much difference other than additional control you get with your router to set specific rules for the container communication.
Archived
This topic is now archived and is closed to further replies.