If you're like me (you run a home server with varying levels of personal data on it, but you're a bit lazy) you'll probably want to set up some kind of backup routine to ensure your data has an acceptable level of redundancy. Let's ignore RAID solutions for now (which is of course a valid first port...
We often get asked how to secure docker and what are good practices for running containers securely.
First, we need to understand the possible attack vectors:
We'd like to introduce our new API available under:
It currently has a single endpoint under /api/v1/images for obtaining information about our images, it gets updated several times a day, and all...
SWAG is a reverse proxy that allows you to expose your self-hosted apps to the world, but that comes with risks.
We can mitigate some risks by fine-tuning SWAG and how we access it:
A big thank you to all the people who reached out offering to help us get in touch with somebody at Docker to get this resolved. With your assistance we've been able to speak with their Developer Relations team and fix our issues with the DSOS application process. With the best will in the...
If you're the kind of smart arse who already knows how our Docker mods work under the hood, you can skip the next section, but if not then I'm afraid it's necessary reading to properly understand what follows it.
Our Docker mods are a workaround for a common problem with container im...
As we approach the end of the year we thought we would take the opportunity to take a look back at some of the things we've achieved in 2024 and how they benefit you now and in 2025. A lot of the changes we make to our pipelines and images take a while to actually reach end users, both because of th...
Many years ago we wrote a blog post on Docker networks and how to use them, but that was 2017 and this is now so surely everything has changed?
Well, not really, but at lot of this stuff is abstracted away by management interfaces and people don't understand what's going on behind the scenes s...
Our infrastructure can be broadly split into three categories: Public Facing, Internal, and Builders.The latter should be pretty self-explanatory and are a mix of amd64 and aarch64 boxes that build all our images. Internal services include things like our wiki, monitoring and metrics, automation, Di...