For our usage, we think to use a rpi as main yunohost server, and use another powerfull SOC with a mpci ssd as a crypted storage server .
So I have some questions :
Where all the apps put theres datas ? Somes use MySql, others sqlite… Is yunohost group all ?
What kind of security can we get between the apps acount ? Have you test this before package ?
And a not-only-yunohost extra question : have you an idea for freeze the rpi startup for wait the network mount ?
Thanks a lot !
It depends of each app. Effectivelly some store data in Mysql database, other in /home/loginname
You can move /var/mysql and /home to another disk and to a symbolic link to have your data on an encrypted device.
This is my point of view, I’m just a Yunohost user, not a member of Yunhost team. There’s the official apps and contributed apps. I think Yunohost community does its best for security but it also depends on you (you need to do the security update), depends on Debian community (for providing security update), depends on developper apps (for providing security update of their apps and then the yunohost community can update the package…)
Each apps can have a different user or the same user. The security is not more or less secure in Yunohost. Yunohost only make it esasier to install and configure nginx and mysql…
Ok, so if someone can confirm, I will deport and crypt /var/mysql and /home and this point is solved !
Sure, but the yunohost team may have made some testwith the packaged apps ?