May Docker Discussion

@xenforum said in May Docker Discussion:

I'll definitely be using nodeBB in Docker if I end up going with that.

Like this, it would make dabbling with it more approachable for less technical users (not suggesting that @xenforum is less technical), but docker-compose up is much easier than, at minimum,

• install node (from nodejs.org? nvm? apt-get? brew?)
• clone NodeBB repo
• install Mongo / redis / Postgres (again, multiple ways to do this)
• run npm install (hopefully not with sudo)
• run install script
• (maybe even) install and configure nginx.

The only thing running in docker makes more difficult is developing plugins. I can't house the plugin repo from within node_modules because for all intents and purposes, the stuff in node_modules is ephemeral, and you can't symlink from outside the NodeBB root because of the way Docker context works.

@julian said in May Docker Discussion:

Case in point https://duo.com/decipher/docker-bug-allows-root-access-to-host-file-system

Ouch...!

This article is pure FUD; it's like saying that because a car thief can open your door right after you unlock it and before you get in, all of the locks and the car alarm are useless.

From one of the paragraphs near the end:

This scenario would only be possible if the container was already compromised and a user was using 'docker cp' to replicate the container files and occurred at the same time the copy was being made, a window that is only a few milliseconds.

There were some other, more prominent articles describing root exploits by attaching the docker socket into the container, a scenario which is both unnecessary and uncommon (it would only be used if you're trying to run Docker in Docker).

So while it's not bullet proof (I mean, what technology really is?), it's more secure than installing a random package from the internet with sudo npm install

@scottalanmiller said in May Docker Discussion:

@Bri said in May Docker Discussion:

But that’s what Docker brings to the table that no one else has done (as consumer friendly) yet: containerization on the desktop.

Does it really do that? I can containerize with Snap, Flatpak, LXC, etc. on the desktop just the same, unless I am missing some feature. What does Docker do that I didn't already have?

Yes, but I'm only coming from the perspective of development experience. Admittedly, I haven't tried any of the things you mentioned, but a cursory search shows that:

• Snap doesn't work on windows yet
• flatpak appears to only work on Linux distros
• Docker is a high level abstraction of LXC, which again only works on Linux kernels

So how much work do you think it would take to get this to work on both Windows (your preferred development machine) and macOS?

You could just give a Linux VM image to devs, or make them dev on a Linux machine, but I've worked that way before (in a VM) and I hated it. Docker has by far been the most portable and reproducible solution for development work that I've experienced.

It would be easiest (and cheapest) to host both on the same machine for starting out.

@scottalanmiller has done some great scaling of this platform, he may have some pointers

@omega what is the output of this call:

cat /etc/os-release

Do you remember if you installed node or any npm packages as root (which is the user you’re running commands with when you sudo)?

What is your hosting provider?

The errors you’re getting are not typical for node installations so you need to provide more information about your environment.

As an aside I’ve had a lot of trouble with n and will probably migrate back to nvm

what OS are you running on?

@scottalanmiller said in May Docker Discussion:

@djensen47 said in May Docker Discussion:

Docker has become the defacto standard for containerization.

And Windows is the de facto standard desktop.

But that’s what Docker brings to the table that no one else has done (as consumer friendly) yet: containerization on the desktop.

For developers, this can save so much time in terms of onboarding, setting up a new machine for development, and consistency.

@MJ said in Dark mode theme yet?:

We did made a few changes in CSS

Custom CSS or custom theme?

Just curious what the architecture is behind it? Is that pure NBB + 1 beefy VPS? Varnish? cluster?

I thought skins were being phased out?

@scottalanmiller said in Need help about Install:

our largest site has hit 191 million hits in a month.

Holy. shit.

nodebb-plugin-ns-embed has been working pretty well for me, and you can customize the embed code to your liking

Seems to be all the rage now. I was using @pichalite's awesome material theme because it's really clean, but more because it's got a dark mode. I'm hanging back on my nbb updates 'cause he seems to have been MIA lately and the theme seems to be going stale...

I heard rumors about a (persona?) dark theme in the works, is that still happening (or has that happened?)

I feel like it makes the UI more busy and doesn't really add anything.

You know if you want all this UI stuff, you're more than welcome to take an existing theme and modify it to your hearts desire.

You never get a confirmation email from mail gum when you register? That might be part of the problem

Nothing new in the logs?

I don't know much about lambda, but from what I do know, it would require an entire re-write of the app because of the way lambda works. You would also need to tweak your DB settings too because it can cause so many more connections to your database than the traditional server architecture.

Try Digital Ocean, they're affordable and a lot of people here use it. I've been running a server (albeit with very low traffic) with 1GB of memory for a few years now.

Yeah I saw this happen to me as well. Not sure why... When i went through updating my forum though, the ./nodebb upgrade step caught it.

I've since published 1.1.0 which upgrades the dependencies to something more recent, and less vulnerable. Apparently npm audit caught it but snyk didn't...

@Normando I pushed an update for imgbed (1.0.3) a few days ago, did your issue resolve?