• 0 Posts
  • 4 Comments
Joined 5 days ago
Cake day: April 2nd, 2026
  • def@aussie.zonetoSelfhosted@lemmy.worldJellyfin critical security update - This is not a jokeEnglish
    1·
    5 days ago

    If that is indeed true it would only mean that the docker container is vulnerable to a supply chain attack. You are not any more vulnerable to a vulnerability in the codebase.

    If you’re using the ghcr image, to post malicious code there, the attack would have already had to compromise their github infra … which would likely result in the attacker being able to push malicious code to git or publish malicious releases. Their linux distro packages are self published via a ppa/install script, which I would assume just pull from their github releases, so a bad github release would immediately be pulled as an update by users just as fast as a container.

  • def@aussie.zonetoSelfhosted@lemmy.worldHow do you document your setup?English
    1·
    5 days ago

    err . i don’t really. well I do a bit. the obvious one is config-as-documentation: docker compose mainly. I’m in the middle from migrating from storing them in portainer’s internal store to using git (and dockhand), which should improve their role as documentation with the addition of vcs.

    in addition I have a handful of markdown notes in my obsidian vault to track a few things. there’s some general terminal stuff command references, which aren’t strictly for the server. i have a list off all my hard drives, including their SN,PN,Partition UUID and label (this is their partition/volume label as well an actual physical label on them. It makes moving between operations on my host machine, omv VM and physical drive easy. its a maddening combination of using three or more command ouputs to map a drive between whatever info is available in proxmox, a vm or physically otherwise!