Hello, thank you for your inputs.
this is only a link management Dashboard, it has not difference to as much as using bookmarks on your browser
This is a widely used tool, with almost 5k stars on github, if there is a security issue, it would be easy to take note of.
BEfore embarking on any tools, I first Do my reasearch, take a look at the Issues page Issues · ajnart/homarr (github.com)
as well as the Pull requests pages of the said tools Pull requests · ajnart/homarr (github.com)
Now, this specific Dashboard tool, actually has a CVE tracking Widget, if you check the first posted image, so it actually helps you keep track of security issues.
Homarr, has Authentication for accessing the dashboards, and therefore is actually more safer than using your browser bookmark.
by my understanding, All or most Apps by default are running rootless within Nethserver 8.
In consideration of what many tools on a server might mean, i have been looking into an in integration of a Security Monitoring and tracking Aggregation tool here
compgeniuses/ns8-copilot: this is an ns8 App for copilot https://github.com/socfortress/CoPilot from SOCFORTRESS
IT integrates into one dashboard, the following security monitoring tools
integrations with the following tools:
Contrary to what you might think, Most APPS i implement, I have done a big deal of research into them, asked questions in discord, watched reviews and many considerations before embarking on working on them
Equally, Some of the tools, as tools i have used before, and that people are installing and using in their home labs, and business use cases.
I am only providing an easy access method for deploying them, It does not prevent anyone in any way from installing them on their servers. Infact, by making them into an App, there are limitations pre-applied by Nethserver than allowing arbitrary installs.
Most are tools requested in some capacity within the forum before by community members and hey, i am not running all these tools, especially not on all on the same server, or even same server cluster.
@transocean what security observations and researvations might you have or have observed?
there is a dscussion here on disbaling public access for some apps
NS8 on VPS - restrict access to webservices - Support - NethServer Community
Am following app on the same with @stephdl to see how the same could be implemented for some apps, but generally its a feature i think would be worked on in near future on the core