github-actions[bot]
commented
3 months ago Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.
Closed GiuseppeGalilei closed 3 months ago
github-actions[bot]
commented
3 months ago Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.
aptalca
commented
3 months ago I won't delete this because you linked to the source rather than providing the one liner here directly.
But a word of caution to users in general, never blindly run one liners that random people post on forums, blogs and issues, ones that wget or curl a script from somewhere and run it (often with sudo). Always check the script to ensure it is not doing something nefarious. If you're not sure, then don't run it. That's a common way people get hacked.
GiuseppeGalilei
commented
3 months ago I won't delete this because you linked to the source rather than providing the one liner here directly.
But a word of caution to users in general, never blindly run
one linersthat random people post on forums, blogs and issues, ones that wget or curl a script from somewhere and run it (often with sudo). Always check the script to ensure it is not doing something nefarious. If you're not sure, then don't run it. That's a common way people get hacked.
I thought about that for the "one liner", that is why the script by default runs without "sudo" (and only asks for it if necessary, giving anyway the user the option to opt out, perform manually the action for which sudo was needed, and then re-run the script without needing sudo at all), any advice on how something like this can be made safer and more trustworthy for the user?
aptalca
commented
3 months ago You didn't do anything wrong (that's why I didn't delete the post). One liners do have their advantage like in this case, but the issue is inherent and the safety part really falls on the end user. I just wanted to get the PSA out in a place where I could target the folks potentially most vulnerable (ones interested in one liners).
With that said, we have had others post in our github issues one liners that run docker images with binaries and no source published. We do shut those down right away.
GiuseppeGalilei
commented
3 months ago That makes a lot of sense, thanks for the insights!
Is this a new feature request?
Wanted change
I've created some raw compose files, along with instructions, which allow to deploy both Unifi Network Application and MongoDB containers easily. I've also written a script, which can be invoked with just a single command from the terminal, that makes the deployment process truly painless for the user.
You can find the code at: https://github.com/GiuseppeGalilei/Unifi-Network-Application A demo of the script at: https://www.youtube.com/watch?v=AEg99KGtOFY
The repository has seen quite some traffic lately, which indicates an interest from users. It would be great if you can somewhere link to my repository or pin this issue here, so that more beginner users can benefit from it.
Reason for change
Deploying containers for both Unifi Network Application and MongoDB can be difficult for beginner users.
Proposed code change
No response