Link: github.com/azukaar/cosmos-Server/
Cosmos 0.11.0 is out with a new backup system to export all your docker containers! The Linux and Mac clients are also out for some early testing, please share your feedback!
The new backup system works by reading the list of containers on your server and exporting a single compose file, with all the setup you need to recreate (in case of crash) or migrate your server.
The backup system triggers on every docker change, including changes you’ve made outside of Cosmos (ex. Portainer, etc…).
It outputs to a single file in your config folder, which you can backup with various strategy to keep a history of your docker containers state!
As a reminder, this exists alongside the existing features:
- App Store 📦📱 To easily install and manage your applications, with simple installers, automatic updates and security checks
- Customizable Homepage 🏠🖼 To access all your applications from a single place, with a beautiful and customizable UI
- Reverse-Proxy 🔄🔗 Targeting containers, other servers, or serving static folders / SPA with automatic HTTPS, and a nice UI
- VPN 🌐🔒 To securely access your applications from anywhere, without having to open ports on your router.
- Authentication Server 👦👩 With strong security, multi-factor authentication and multiple strategies (OpenId, forward headers, HTML)
- Container manager 🐋🔧 To easily manage your containers and their settings, keep them up to date as well as audit their security. Includes docker-compose support!
- Identity Provider 👦👩 To easily manage your users, invite your friends and family to your applications without awkardly sharing credentials. Let them request a password change with an email rather than having you unlock their account manually!
- SmartShield technology 🧠🛡 Automatically secure your applications without manual adjustments (see below for more details). Includes anti-bot and anti-DDOS strategies.
As always, eager to get some feedback on this release, here’s the rest of the changelog:
- Docker export feature for backups on every docker event
- Disable support for X-FORWARDED-FOR incoming header (needs further testing)
- Compose Import feature now supports skipping creating existing resources
- Compose Import now overwrite containers if they are differents
- Added support for cosmos-persistent-env, to persist password when overwriting containers (useful for encrypted or password protected volumes, like databases use)
- Fixed bug where import compose would try to revert a previously created volume when errors occurs
- Terminal for import now has colours
- Fix a bug where ARM CPU would not be able to start Constellation
happy hosting!
I just got into selfhosted using Cosmos and I’d like to cause it makes everything less overwhelming
Glad to hear it :)
This is a wonderful way of describing something I was looking for.
Going to give this a shot. Fingers crossed lol.
Seems like i have to jump in again. Three versions ago i changed back to NPM because it handled 40+ domains faster.
If you are experiencing any performance issue, feel free to document them to me so I can investigate your setup and potentially fix any shortcomings :)
I’ve tried a number of these “stacks” and some have great communities and others not so much. But the peeps with Cosmos are amongst the very best. Extremely helpful. Cosmos and YAMS are the best IMHO.
noob question but would I be able to install this on a free-tier VPS and use it to manage content on a seedbox (without root access) and services on my local network?
You need root access to manage docker containers that’s (almost) unavoidable. Also Cosmos does not support managing remote docker instances. On the other hand, a good (and secure) pattern is to use Constellation (the integrated VPN) on 2 servers with cosmos installed on each. you can connect them together. One of the servers (the seedbox) is the main server running services but it is not exposed on the internet and the only way to access it is to connect to the VPN on the other VPS
Okay i didnt knew about this and looks amazing
Does it support podman? ideally as non root
Thank you for this! Does this include volume data or do we have to manually back that up ourselves?
I’m wondering what the full process of recovery looks like, as if it’s a compose file of all containers, I imagine this would restore brand new services unless we handle the volumes right? Or does it also back up volume data as well?
It does not include volume data, but backing up volumes is a planned feature too, it’s just a lot more difficult of a feature to develop :p
Basically backing up volumes is easy without Cosmos, it’s just a folder, but backing up your container is much harder, that’s why I added it in priority
Ah many thanks :D
The readme is all about security and holes and other bad things that hackers/miscreants/bots can do and how Cosmos can prevent them, but the example run command has this which pretends none of those things actually exist:
--privileged -v /:/mnt/host
Any sort of security lapse/hole in Cosmos or the software it builds upon gives a miscreant/bot/hacker full read/write access to the entire host system!
It’s ironic as the readme has many bolded statements about how cosmos protects docker containers from one another in case one is breached, but makes the bold assumption that the Cosmos container itself is completely secure.
Mounting ‘/’ from the host is a bad suggestion. Yes, the readme says it’s optional, but holy heck don’t make it the suggested method as many of the folks using Cosmos are doing so because they don’t understand security and they’ll use the suggested run command. They don’t know this is a BAD suggestion.
Cosmos is a fully fledged server management platform, as such it requires those access to the host server in order to operate.
“–privileged -v /:/mnt/host” is not as bad of a thing as you would think in that context, in fact it is equivalent to running a daemon like you would with any other alternative (CasaOS, Umbrel, etc…) those are just requirement for Cosmos to run with the same level of exposure as those alternatives who are not docker containers.
My only alternative would have been to make Cosmos a daemon and not a container, but then it would make install and maintenance harder
I understand your point, and yes ideally it would run as an isolated container, but it’s just not possible to have a supervisor software managing your server running in an isolated container with no container, it is contradictory
I propose as alternative to run Cosmos with lower privilege, in which case some features will not work but the default is to run cosmos with the privileges it requires for all features to work as expected.
And the bottom line, the security benefits behind Cosmos for your average home-server outweigh by far this “–privileged -v /:/mnt/host”. Slight reminder than a very large portion of people running alternatives like Casa, Umbrel, etc… Also expose those root daemon without even HTTPS or anything!
I think you’re missing the point. My issue is sharing / with the container as root. I understand some parts of Cosmos require --privileged. That is not my issue.
To be super repetitive, my issue is the combination of --privileged with -v /:/mnt/host
The very next statement in your documentation after this says:
in this command, -v /:/mnt/host is optional and allow to manage folders from Cosmos, you can remove it if you don’t want it but you will have to create your container’s bind folders manually.
If it’s optional, then don’t give it in the sample command that 99% of users will run. You can’t tell me that it’s not a risk.
And saying “other programs have risks, too” is pretty cowardly defense against suggesting users do something as unsafe as mapping their entire host file system to Cosmos when Cosmos doesn’t need it.
Another way of seeing it is, if Cosmos wasn’t a container it would see `/` anyway. It’s not extra access, it’s just a workaround for Docker
I think other poster is more of pointing out why not have -v /CasaFolder:/mnt/host or something similar. I’ve been in the IT sector for a while and I view that if you have to use a workaround instead of actually solving the problem, there is an issue with your tooling or solution. Secondly, I see your point but I also agree with the other poster. There’s tons of security vulnerabilities announced and used on a daily basis and you should never have permissions to things you don’t need. Is there a reason why the user couldn’t just have a note in docs to say if you want to do X then mount this way? It’s a few more lines and doesn’t give an insecure by default config right from the get go for users that otherwise wouldn’t know better.
Don’t get me wrong, I am fully aware that you need to reduce as much as possible the amount of access something has but as you said:
you should never have permissions to things you don’t need
well Cosmos needs to see your files if you want Cosmos to manage your files. It’s that simple. By default its on because it is needed for Cosmos to function. You can remove it, but at the expense of some of the functionalities of the server.
By the way Cosmos, as a Docker management software, has access to your docker socket. Which mean, you can remove anything you want from the container, technically, it can add it back itself. Having access to the socket means being able to manage the containers, including itself. In other words, having this mount in the docker run command is just a comfort thing, but in term of privilege, whether it’s Cosmos or Portainer or any other docker manager, they have full root access to your system and that’s unavoidable.
why not have -v /CasaFolder:/mnt/host or something similar
Because it would require users to always update their Cosmos containers to add additional folders all the time, giving a terrible and very error prone user experience.
If there is a solution out there, that solves that problem (as in allows Cosmos to continue to work the same without that mount) then I will gladly implement it. But as far as I can see there isn’t such solution
I have been checking out Cosmos and I really like it. A lot more functionality than CasaOS and the fact you have automatic updates for your store’s apps is great. Most the apps I tried out from the app store on CasaOS were out of date and hard to update without knowledge of Docker.
Thank you!
Yes keeping your containers updated is a huge step toward preserving the server’s security
It looks pretty cool !
Thanks!
Installed this on my VPS a couple of days back. Look and feel fantastic and functionality like a swiss army knife. I temporarily had to turn off my container and turn back npm on. I definitely want to spend time this week to make this up and running.
- Is there any guidance on if a subdomain is preferred over the domain ? For the first time, I used my main domain. And it somehow broke my existing let’s encrypt certificate. I purged the folders and did a clean reinstall, this time on a subdomain. Works but somehow the certificate broke again. (Too many certificates or something like this)
- Could this be because I clicked “new certificate” while I had temporarily turned off my NPM containers to try Cosmos ?
- I think domain is preferable for home servers because then you get subdomains for apps, which are easier and can also share the auth cookies for SSO
- you probably had a cached certificate
Thanks. For VPS then can I ignore the domain field during setup, and do a reverse proxy later to the cosmos container (via cosmos reverse proxy) to access it via the web ?
You need to setup the hostname in the Cosmos installer if that’s what you are asking. You can put your IP or something if you dont have your domaoin yet
No I have a domain already, and that’s what I did during the first try. I have a blog (docker container with ghost) on XYZ.com. As soon as I installed cosmos, that blog went away and got replaced with cosmos as the host started pointing to the docker container of cosmos.
This is why I would like to install cosmos on my subdomain.
Question is can I install cosmos on - cosmos.xyz.com ? Or is it a requirement to have it on XYZ.com entered during setup ?
would it be possible to move from portainer+ caddy to cosmos ? i’m more concerned about path mapping.i have everything in different folders.
You dont need to do anything to migrate, Cosmos will just work with Portainer, including just picking up your existing containers
Looks and feels decent.
One major thing unless I am blind, Sabnzbd is not in the marketplace, but nzbget is, which has been abandoned so could lead to security risks?
You are correct, and Sab is due to be added
Dope, it’s only for Docker tho.
Docker is an important ingredient in the mix, to isolate the applications completely, and make things much more streamlined than traditional VM, but I understand if it’s not for everyone
Wait, just to be clear, is this basically like what Truenas’ apps does, but standalone? Cause holy shit I was looking for something like this for a while. Does it support mounting network drives via NFS?
Truenas
Haven’t used it, but it looks like there are overlap.
Cosmos does not yet have storage management (but soon) and uses Docker instead of VM
So Cosmos is basically just a pre-configured docker app “store”? How do you decide which containers go into the apps menu? Why does the descriptions in Github feel like it uses boldtext for some fearmongering?