Are Bitnami backups secure?

Hey, I was wanting to set up a deployable thing for my makerspace, and to do this I’m using the Bitnami docker-compose setup.

https://github.com/bitnami/bitnami-docker-discourse

Can I place the database backup in the git repo, or in the releases tab such that anyone from my makerspace can simply run docker-compose, then apply the backup in the web interface to get back to a working state?

Or are there important details inside the backup that would allow full admin access to things, equivalent to giving someone full filesystem access to your machine?

First, we do not support the bitnami installs. You’ll be on your own in terms of support if you go that way rather than following our official install instructions.

Second, yeah, you don’t want to put a Discourse backup somewhere public. All information on the site would then be available to someone who wants to access it. This includes PMs, topics in secure categories, as well as personal information like IP addresses, emails and hashed passwords.

5 Likes

I understand that the Bitnami docker stuff would be unsupported, but there is no native/official option for me, as anything more complex than "docker-compose up -d then open the Web UI and restore the backup" is too much for the members that would be taking over should anything happen to the maintainer.

Thank you for confirming that the database includes absolutely everything in plaintext except for passwords :slight_smile:

3 Likes

But at least they could come here for support if you followed the official install?

3 Likes

What would you ever need support for docker-compose up -d for? And furthermore, why would that fail? For that to happen, some element of the underlying system such as apt and their repos would have to fail, right? It is nothing more than a system built around the packages and software discourse provide. It is subordinate to discourse, not the other way around.

What is bitnami doing in their compose that is any different than what launcher does? It’s simply doing what you would already do, automating the steps you have to follow with launcher in a more docker-native way sure.

I’m not clairvoyant and wouldn’t like to predict the future, but all docker-compose is doing is acting as a much more reliable bash script. I could do all of this with a bash script, it would be 100 lines long and filled with docker commands, and I’m certain you’d still support me and my very silly, unmaintainable and pointless bash script. What’s the issue here? Why does slapping “docker-compose” into the sentence put into the “not supported” category?

1 Like

Bitnami puts you in unsupported-install, the only support offered via the community is for the standard install.

1 Like

Would you guys help me if I wanted to make a really long bash script that does all the launcher commands, etc?

No, because the only supported install is the standard install.

If you choose to do anything outside of that you assume all the risk and added technical complexity.

1 Like

Right, I understand that logic then. I thought it was more of a “Go away” sort of thing, I didn’t realize there was separation between Official and Non-Official support, as usually I just go to IRCs for this sort of question.

2 Likes

If you didn’t need support for it, you’d not have started this topic.

We don’t know and neither do you.

You’re all set then!

./discourse-setup is much easier to type and easier to understand than docker-compose up -d. It handles lots of things and works for lots of people who have never seen a command line. And your members will have a lot better chance of getting help if you install the way hundreds of other people have.

If you want to use Bitnami, head on over to the Bitnami forums for support.

3 Likes

If that’s the project ethos, etc, sure. I just like it when I can go to an IRC and get sensible, collaborative, non-robotic open source answers, which is the only reason I’m putting up any sort of front here. The key-word is ‘collaborative’, rather than “That project’s so different” when it really isn’t too different.

I’ve been in the Docker IRC for lots of unrelated things, docker doesn’t “support” Discourse, but they’d sure help me set it up, as they have with Nextcloud and a few other projects. Maybe I just ended up in the wrong category, sorry.

You can absolutely get those answers here, but if we had to support N different ways of deploying our software then our ability to support those ways (all but one are done by another entity after all) our support complexity would skyrocket.

I love this succinct response:

This is the crux: We have absolutely NO idea what they are doing and how what they’ve done may subtly break / prevent upgrades / cause odd problems, nor do we know how to interact with their custom setup.

3 Likes

We promise that if you follow the prescribed instructions they’ll work. We really, really, really, want it to work, especially if there’s some chance that you’re going to leave this for someone else to deal with later. If you search for Bitnami here, you’ll find dozens of people who have tried and given up.

But maybe someone who made Bitnami work and is really happy with it will chime in soon.

1 Like

But if this is all you want to know. . .

Anyone who has rights to restore the whole database could ostensibly change something in it to, say, give them admin access.

1 Like

Hah! Well to introduce someone to Docker now, I’m about to show someone Who’s 38~, used Unix for ages and is completely unaware of it. I’ll tell you how it goes, the test scenario is this.

https://github.com/DoESLiverpool/robochallenge

We will simply docker-compose up -d and then import the database from the backup, we’ll see how it goes :smiley:

4 Likes

The actual Discourse database backup has a bunch of stuff in it, including hashed passwords, the content of all posts, all the user information (basically just email address in practice). It would not be great if this landed in the hands of an evildoer who plans to do you harm though it depends how much of that is public posts versus personal messages or secure categories … etcetera.

However, obtaining the Discourse database does not grant anyone SSH access to the server that Discourse is running on, in any way whatsoever.

That’s the best I can do to answer your first post, though I’m kinda unclear what your question actually is at this point.

4 Likes

Well I know it wouldn’t give them shell access, clearly. I was just wondering what the nature of the content included was, and whether that was all parsed later by the database once it was unlocked, like how Bitwarden works for example. I didn’t want to assume it was insecure and do unnecessary encryption/security on top, so asked here.

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.