Comment on Exposing docker socket to a container
LainTrain@lemmy.dbzer0.com 6 days ago
Is the container exposed to the internet?
If yes, do not.
If no, I think it will be ok so long as it’s actually not exposed to the internet, e.g. ideally behind NAT with no port forwards and all ipv6 traffic turned off or some other deny all inbound firewall outside the system itself that sits between it and the system on which the container runs.
5ymm3trY@discuss.tchncs.de 6 days ago
No, none of my containers are exposed to the internet and I don’t intend to do so. I leave that to people with more experience. I have however setup the Wireguard VPN feature of my router to access my home network from outside which I need occasionally. But as far as I read, that is considered one of the savest options IF you have to make it available. No outside access is of course always preferred.