Ns8-copyparty app

Viking · October 29, 2025, 10:51pm

Hi,

Packaged copyparty for NS8, please test.
Instructions can be found here: ns8-copyparty

LayLow · October 30, 2025, 3:54am

oneitonitram · October 30, 2025, 4:42am

hi Viking, thanks for the new addition.
Quick question, should we or should we not have implemented it as a root module

And after installing this module, how would i use it in a module like say, webserver module, where i need to explore the files, Update them and runn commands with them using copyparty

Viking · October 30, 2025, 6:08am

What do you mean by implementing it as a root module?

The main motivation for packaging this app, except that i find it a nifty tool, is that i am also need a easy way for users to transfer files into the instances, namely the ns8-logitechmediaserver, and the upcoming replacement ns8-lyrionmusicserver which is cooking atm.

This is a way to get experience with the app, and as i find it useful and working nicely, why not share.
Anyway this means i am considering putting a copyparty container into those other modules.

stephdl · November 1, 2025, 7:06am

most of containers are rootless module so run by a simple linux user. Other way could be to have containers rootfull run by root like dnsmask, netdata or crowdsec

from my point of view it is a flaw and it should never be done except for a good reason

dnsmasq it is for dhcp

netdata to acces to log and metrics of hardware

crowdsec to set ip ban inside the firewall and read log

crowdsec in most of that is also set as a privileged container…..so with all possible rights

in short your container is hacked then your container is root on the system

so I will never install a root container that it has not been done by the nethserver team and I can sleep well

Viking · November 1, 2025, 7:32am

That is what i feared it meant.
And i totally agree, no privileged container unless it is a very good reason (necessary), and regardless of the creator.

Actually i was wondering how to spot such a module from the UI, e.g. without looking build-images.sh file? So far i did not see any of that.
Even then you cannot be 100% sure unless you build the module your self.

stephdl · November 1, 2025, 7:36am

AFAiK it is the job of the software center, I recall a banner to inform about the degrees of confidence we can have on this software…..when you are a foreign forge you are low by design

stephdl · November 1, 2025, 7:39am

yep…..sharing data among containers is possible without to be root…..it is the previous 777 way of the good old time.

use networking !!!

Viking · November 1, 2025, 7:44am

I do not seem to be able to find this information in the software center, and looking at the certification levels also does not give a clue.

stephdl · November 1, 2025, 7:47am

github.com/NethServer/ns8-core

core/ui/src/components/software-center/InstallAppModal.vue

c94e524a8


      
              !selectedNode || (app && app.docs.terms_url && !agreeTerms)
            "
          >
            <template v-if="app" slot="title">{{
              $t("software_center.app_installation", { app: app.name })
            }}</template>
            <template v-if="app" slot="content">
              <cv-form @submit.prevent="installInstance">
                <!-- warning for rootfull app -->
                <NsInlineNotification
                  v-if="app.rootfull && app.certification_level < 3"
                  kind="warning"
                  :title="$t('software_center.rootfull_app_warning_title')"
                  :description="
                    $t('software_center.rootfull_app_warning_description', {
                      appName: app.name,
                    })
                  "
                  :showCloseButton="false"
                />
                <template v-if="clusterNodes.length > 1">

github.com/NethServer/ns8-core

core/ui/src/components/software-center/AppInfoModal.vue

c94e524a8


      
          <div v-if="app.screenshots.length" class="mg-bottom-md">
            <div class="screenshots">
              <ImageGallery :fullScreen="true" :images="app.screenshots" />
            </div>
          </div>
          <div class="description">
            {{ getApplicationDescription(app) }}
          </div>
          <!-- warning for rootfull app -->
          <NsInlineNotification
            v-if="app.rootfull && app.certification_level < 3"
            kind="warning"
            :title="$t('software_center.rootfull_app_warning_title')"
            :description="
              $t('software_center.rootfull_app_warning_description', {
                appName: app.name,
              })
            "
            :showCloseButton="false"
          />
          <div class="key-value-setting">

i see the code

stephdl · November 1, 2025, 7:50am

also

Viking · November 1, 2025, 7:55am

Sure, but it should be clear to any admin with out the need for developer skills.
But as you showed the code snippets above it will be visible, so all good i think.

stephdl · November 1, 2025, 7:56am

yep probably we should drop a line in the documentation

nobody reads the documentation but AI does it now

cc @davidep what about in the ns8 documentation to explain the difference between rootfull and rootless and why rootfull should be avoided