Hacker News
by Helmut10001 887 days ago
I agree that rootless containers and isolated namespaces are critical security features. But with docker rootless, this is also possible and not complicated. You just have to do it. I have written a blog post to set up Mastodon in docker rootless with all the best practices currently available [1].

The benefit of sticking with docker is that accessibility is better: more communities, more blogs, broad availability of docker compose configs, more peers knowing how to use it, etc. In the end, both podman and docker run processes in isolated namespaces on the host.

[1]: https://du.nkel.dev/blog/2023-12-12_mastodon-docker-rootless...