Docker and Best Practices
Hi everyone,
I’d like to get your opinions and feedback regarding “best practices” for deploying Docker containers on a NAS.
First of all, I haven’t managed to allow Docker management access to a regular “user” account. I can fine-tune permissions for directories, but Docker management itself (the app) is only accessible to “admin” accounts.
So for now, Docker is managed by an admin account, which gives it (and especially the containers) more privileges than necessary. That said, I only bind the strictly necessary directories and resources.
How can I make this setup cleaner and more secure?
I imagine the simplest solution would be to create dedicated users, but to what extent?
- One user per stack?
- One user for Docker in general?
I can refine permissions for directories, but not for Docker management itself, so I’m a bit lost.
Thanks in advance!