Hi, Ive been using LXD for a while now and am really enjoying it.
I want to run Nginx Proxy Manager (in a production environment), but Nginx Proxy Manager only runs in Docker.
I have setup a container like so:
lxc launch ubuntu:20.04 npm
lxc config set npm security.nesting true
lxc config set npm security.syscalls.intercept.mknod=true
lxc config set npm security.syscalls.intercept.setxattr=true
I have installed docker and docker-compose within the container and Nginx Proxy Manager is up and running.
Nesting containers is new to me and I always run my other containers in unprivileged mode.
I guess I’d like to know is this a safe practice to use in production as I was to have Nginx Proxy Manager public facing?
or should I be locking down the container in other ways?
Thanks.