Security alert: Trivy (aquasec) has been the victim of a supply chain attack.
Malicious Docker images were published on Docker Hub, affecting in particular the tags:
- latest
- 0.69.4
- 0.69.5
- 0.69.6
If you use Trivy via Docker:
- check the digest of your image
- delete the affected images
- go back to a clean version (e.g. 0.69.3)
The compromised images could contain an infostealer targeting credentials.
Details: https://www.docker.com/blog/trivy-supply-chain-compromise-what-docker-hub-users-should-know/
#security #docker #trivy #devops #supplychain
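The triage steps in the post above, as an added example that is not part of the original post: it classifies local Trivy images by the affected tags the post lists, so the digests that still need checking stand out. The repository name `aquasec/trivy`, the function names and the sample listing are assumptions made for this example.

```shell
#!/bin/sh
# Added example. Tags are the ones the post lists as affected.
AFFECTED_TAGS="latest 0.69.4 0.69.5 0.69.6"
# Assumption: the Docker Hub repository name is aquasec/trivy.
TRIVY_REPO="aquasec/trivy"

# Print local images as "repository tag digest id", one per line.
list_local_images() {
    docker image ls --digests --format '{{.Repository}} {{.Tag}} {{.Digest}} {{.ID}}'
}

# Read that listing on stdin and classify every Trivy image:
#   REVIEW  tag is on the affected list, or the image is untagged (<none>),
#           so only its digest can tell whether it is a bad build
#   OK      any other tag (for example 0.69.3)
# Exit status is 1 when at least one image needs review, 0 otherwise.
flag_trivy_images() {
    awk -v repo="$TRIVY_REPO" -v tags="$AFFECTED_TAGS" '
        BEGIN { n = split(tags, t, " "); for (i = 1; i <= n; i++) bad[t[i]] = 1 }
        {
            r = $1
            sub(/^(index\.)?docker\.io\//, "", r)   # tolerate a registry prefix
            if (r != repo) next
            status = (($2 in bad) || $2 == "<none>") ? "REVIEW" : "OK"
            if (status == "REVIEW") found = 1
            printf "%s %s:%s %s %s\n", status, r, $2, $3, $4
        }
        END { exit found ? 1 : 0 }
    '
}

# Constructed sample listing (digests and IDs are placeholders, not real values).
sample_listing() {
    cat <<'EOF'
aquasec/trivy latest sha256:PLACEHOLDER_A 111111111111
aquasec/trivy 0.69.3 sha256:PLACEHOLDER_B 222222222222
docker.io/aquasec/trivy 0.69.5 sha256:PLACEHOLDER_C 333333333333
aquasec/trivy <none> sha256:PLACEHOLDER_D 444444444444
example/scanner latest sha256:PLACEHOLDER_E 555555555555
EOF
}

# Run against the local Docker daemon only when asked to: ./check.sh --scan
case "${1:-}" in
    --scan) list_local_images | flag_trivy_images ;;
esac
```

A REVIEW line means the digest in the third column still has to be checked, as the post advises, before the image is removed or replaced.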
Zenithal - a native macOS app for Docker and Kubernetes management.
Real-time container monitoring, Docker Compose orchestration with visual service graphs, Compose Builder, Kubernetes integration, Trivy security scanning, and built-in terminal.
Works alongside any Docker runtime - Docker Desktop, Colima, OrbStack, etc. It doesn't replace your runtime, just gives you a better interface.
empiricapps.com/zenithal/download
#docker #kubernetes #macos #devtools #containers #swiftui #devops
The Autonomy of the Homelab Administrator
https://peer.adalta.social/w/jDZSBpNQiPYTyuq4Zcmkrf
Scary #Github #supplychain #cybersecurity attack on #Aquasecurity #docker images
This one is a classic issue of accidentally putting credentials, tokens or keys into what is pushed onto GitHub. It happens much more than people think.
I advocate for a completely private build process and the scaling back of public repositories as it is easy to see how to surreptitiously modify code to inject malware into an image.
https://www.aquasec.com/blog/trivy-supply-chain-attack-what-you-need-to-know/
🎉 4 years of RetroNerd 🎉
For 4 years, everything on retronerd.at has revolved around self-hosting, Docker & nerd projects 🐳
🎮 Highlight: my Trackmania server "Retro-Mania"
* joint Docker project:
https://git.techniverse.net/scriptos/tmserver-docker
🖥️ Behind it runs a small infrastructure of its own, made up of web, monitoring & services:
https://services.retronerd.at/status/retronerd
Thanks for reading along & for your support 🙏
Here's to many more nerd years!
#selfhosting #docker #trackmania #homelab

Disable “What’s New” Notices in Docker CLI
Today’s post is just a screen de-cluttering tip. How to hide the “What’s New” notices that clutter Docker’s CLI output.
https://shawnhooper.ca/2026/03/24/disable-whats-new-notices-in-docker-cli/ #docker
For a while, deploying apps meant a familiar ritual: SSH in, pull the repo, pray nothing breaks, repeat for every service.
Manual.
Fragile.
Exhausting.
This week I finally consolidated everything into a proper self-hosted control plane.
The stack:
→ aaPanel as the central dashboard which I heard about from a friend
→ Docker for containerised app isolation (absolute cancer)
→ PostgreSQL for database management (with per-app panels and log visibility)
→ DuckDNS handling dynamic DNS + automated HTTPS via Let's Encrypt (stayed up until 3AM on Sunday for this btw)
→ Netlify on the frontend side cuz it's easy to deploy
The difference is hard to overstate.
One dashboard.
Full log access across services.
Deployments that don't require me to remember 12 steps in the right order at 11pm.
It's not a perfect setup, aaPanel is proprietary-ish and Netlify is clearly not self-hosted, but it's definitely a step away from "I'll fix it manually when it breaks" territory.
Curious if anyone here has migrated from this kind of hybrid setup toward something fully FOSS.
Always looking for the next rabbit hole.
- UltraX
#SelfHosting #DevOps #Docker #FOSS #Linux #Infrastructure #HomeServer #OpenSource #Privacy #Sysadmin #Python #javascript #saas

Why is "docker compose up -d" freezing up terminal while trying to set up Immich? #softwareinstallation #docker
https://askubuntu.com/q/1565121/612
Here is a very instructive video (with its accompanying blog post) from Lawrence Systems on what to choose when installing #Docker services in an #LXC or a #VM on #Proxmox, complete with a comparison table.
I still think the best option for Docker on Proxmox is a virtual machine (#MáquinaVirtual). It has its drawbacks too, but in my case I think it's better this way. LXC for individual services that also don't need #NFS or #SMB.
https://www.youtube.com/watch?v=G97LJ_w3fug&feature=youtu.be
I've updated my #Docker image for #Luanti (#Minecraft clone) + #Mineclonia + a few mods + possibly #PostgreSQL.
https://hub.docker.com/r/ondrejzizka/luanti-mineclonia-mods
The source code:
https://github.com/OndraZizka/luanti-postgresql-docker
And the server runs at luanti.zizka.ch, feel free to join ;-)
🎉🚀 BREAKING NEWS: #NanoClaw, the company no one has heard of, is adopting #OneCLI Agent Vault—a feature so mind-blowingly necessary they had to write a novel about it. Now, every agent in their isolated #Docker wonderland can blissfully avoid raw API keys, because who needs those when you've got inflated #jargon and a false sense of security? 🤖🔐
https://nanoclaw.dev/blog/nanoclaw-agent-vault/ #AgentVault #Security #HackerNews #ngated
It's been a while, but I've posted a new article on my somewhat updated site!
This one is all about getting Laravel's `composer run dev` command to work with Laravel Sail.
https://ollieread.com/articles/composer-run-dev-and-laravel-sail