Link: github.com/azukaar/cosmos-Server/

Cosmos 0.11.0 is out with a new backup system to export all your docker containers! The Linux and Mac clients are also out for some early testing, please share your feedback!

https://preview.redd.it/htjbg0ze5rvb1.jpg?width=1695&format=pjpg&auto=webp&s=944ae33ae00c67159eddecf4ff923a1a0141e106

The new backup system works by reading the list of containers on your server and exporting a single compose file, with all the setup you need to recreate (in case of crash) or migrate your server.

The backup system triggers on every docker change, including changes you’ve made outside of Cosmos (ex. Portainer, etc…).

It outputs to a single file in your config folder, which you can backup with various strategy to keep a history of your docker containers state!

As a reminder, this exists alongside the existing features:

  • App Store 📦📱 To easily install and manage your applications, with simple installers, automatic updates and security checks
  • Customizable Homepage 🏠🖼 To access all your applications from a single place, with a beautiful and customizable UI
  • Reverse-Proxy 🔄🔗 Targeting containers, other servers, or serving static folders / SPA with automatic HTTPS, and a nice UI
  • VPN 🌐🔒 To securely access your applications from anywhere, without having to open ports on your router.
  • Authentication Server 👦👩 With strong security, multi-factor authentication and multiple strategies (OpenId, forward headers, HTML)
  • Container manager 🐋🔧 To easily manage your containers and their settings, keep them up to date as well as audit their security. Includes docker-compose support!
  • Identity Provider 👦👩 To easily manage your users, invite your friends and family to your applications without awkardly sharing credentials. Let them request a password change with an email rather than having you unlock their account manually!
  • SmartShield technology 🧠🛡 Automatically secure your applications without manual adjustments (see below for more details). Includes anti-bot and anti-DDOS strategies.

As always, eager to get some feedback on this release, here’s the rest of the changelog:

- Docker export feature for backups on every docker event
- Disable support for X-FORWARDED-FOR incoming header (needs further testing)
- Compose Import feature now supports skipping creating existing resources
- Compose Import now overwrite containers if they are differents
- Added support for cosmos-persistent-env, to persist password when overwriting containers (useful for encrypted or password protected volumes, like databases use)
- Fixed bug where import compose would try to revert a previously created volume when errors occurs
- Terminal for import now has colours
- Fix a bug where ARM CPU would not be able to start Constellation

happy hosting!

You are viewing a single thread.
View all comments
1 point

The readme is all about security and holes and other bad things that hackers/miscreants/bots can do and how Cosmos can prevent them, but the example run command has this which pretends none of those things actually exist:

--privileged  -v /:/mnt/host

Any sort of security lapse/hole in Cosmos or the software it builds upon gives a miscreant/bot/hacker full read/write access to the entire host system!

It’s ironic as the readme has many bolded statements about how cosmos protects docker containers from one another in case one is breached, but makes the bold assumption that the Cosmos container itself is completely secure.

Mounting ‘/’ from the host is a bad suggestion. Yes, the readme says it’s optional, but holy heck don’t make it the suggested method as many of the folks using Cosmos are doing so because they don’t understand security and they’ll use the suggested run command. They don’t know this is a BAD suggestion.

permalink
report
reply
1 point

Cosmos is a fully fledged server management platform, as such it requires those access to the host server in order to operate.

“–privileged -v /:/mnt/host” is not as bad of a thing as you would think in that context, in fact it is equivalent to running a daemon like you would with any other alternative (CasaOS, Umbrel, etc…) those are just requirement for Cosmos to run with the same level of exposure as those alternatives who are not docker containers.

My only alternative would have been to make Cosmos a daemon and not a container, but then it would make install and maintenance harder

I understand your point, and yes ideally it would run as an isolated container, but it’s just not possible to have a supervisor software managing your server running in an isolated container with no container, it is contradictory

I propose as alternative to run Cosmos with lower privilege, in which case some features will not work but the default is to run cosmos with the privileges it requires for all features to work as expected.

And the bottom line, the security benefits behind Cosmos for your average home-server outweigh by far this “–privileged -v /:/mnt/host”. Slight reminder than a very large portion of people running alternatives like Casa, Umbrel, etc… Also expose those root daemon without even HTTPS or anything!

permalink
report
parent
reply
1 point

I think you’re missing the point. My issue is sharing / with the container as root. I understand some parts of Cosmos require --privileged. That is not my issue.

To be super repetitive, my issue is the combination of --privileged with -v /:/mnt/host

The very next statement in your documentation after this says:

in this command, -v /:/mnt/host is optional and allow to manage folders from Cosmos, you can remove it if you don’t want it but you will have to create your container’s bind folders manually.

If it’s optional, then don’t give it in the sample command that 99% of users will run. You can’t tell me that it’s not a risk.

And saying “other programs have risks, too” is pretty cowardly defense against suggesting users do something as unsafe as mapping their entire host file system to Cosmos when Cosmos doesn’t need it.

permalink
report
parent
reply
1 point

Another way of seeing it is, if Cosmos wasn’t a container it would see `/` anyway. It’s not extra access, it’s just a workaround for Docker

permalink
report
parent
reply

Self-Hosted Main

!main@selfhosted.forum

Create post

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

For Example

  • Service: Dropbox - Alternative: Nextcloud
  • Service: Google Reader - Alternative: Tiny Tiny RSS
  • Service: Blogger - Alternative: WordPress

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

Community stats

  • 1

    Monthly active users

  • 1.8K

    Posts

  • 11K

    Comments

Community moderators