preliminary chainquery container #3

Closed
opened 2018-10-06 18:26:16 +02:00 by Leopere · 1 comment
Leopere commented 2018-10-06 18:26:16 +02:00 (Migrated from github.com)

Ideally, passwords themselves should be ephemeral so that they're generated fresh from /dev/random on container instantiation. They should also eventually be wiped after they're used initially by the containers CMD and ENTRYPOINT scripts.  However, the SQL databases should never be presented to the public-facing networking so the authentication likely won't be tested.  The attack vector would be through any appliance using the DB at that point so they would already have access to credentials pulling from the dependant appliance. 
~~~Similar to #1, #4, and #5 except for the Chainquery appliance.~~~ This appliance has a dependency on using a MariaDB/MySQL database so initially, the docker-compose base template will include just the bare essentials but potentially in the future, I may include an Adminer container which can be spun up behind the coupled Traefik container mentioned in #3 to provide database access without needing to learn SQL queries directly. This may help if people receive takedown requests but I don't know if this would be the best way to handle this or not. Ideally, passwords themselves should be ephemeral so that they're generated fresh from /dev/random on container instantiation. They should also eventually be wiped after they're used initially by the containers CMD and ENTRYPOINT scripts. However, the SQL databases should never be presented to the public-facing networking so the authentication likely won't be tested. The attack vector would be through any appliance using the DB at that point so they would already have access to credentials pulling from the dependant appliance.
Leopere commented 2018-10-06 23:57:02 +02:00 (Migrated from github.com)

This works now.

This works now.
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: LBRYCommunity/lbry-docker#3
No description provided.