updates (authored by John Goerzen)
......@@ -43,3 +43,23 @@ Getting TLS into these containers is a difficult proposition because the contain
If you really need TLS for these services, I recommend using a proxy in front of them with your own domain name.
# NNCP private key protection
Your NNCP private keys are important to protect. After you have set up your system, you should delete the introductory message that you saved off in the setup process. Also be sure to carefully protect your `env` file, Docker environment, and volume location, if any.
## Environment leakage
The default setup instructions have you passing in an `env` file to `docker run` that contains various configuration, including your NNCP private keys. Within the container, this appears to be present in the environment of:
- The pre-init startup scripts in `/usr/local/preinit`. Note that `61-configs` in that directory specifically references the environment variables to configure the system.
- systemd (PID 1)
- any process started by `docker exec` or its descendents
The risk is that a malicious process could access those keys. Note that systemd appears to pass a sanitized environment to its descendents, so in a normal system, only PID 1 would see those keys.
You can alternatively build a derivative image and put these keys into files at specific locations; see [configuration](configuration) for details on how to do this.
## Your host system
Protect your `env` file, Docker directories, and volume directories, since all of them could have your private keys. Ideally on an encrypted filesystem.
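Review bot: the new "Environment leakage" list and the systemd sentence both misspell "descendants" as "descendents", and the last line of "Your host system" is a sentence fragment ("Ideally on an encrypted filesystem."); suggest folding it in, e.g. `Protect your env file, Docker directories, and volume directories, ideally on an encrypted filesystem, since all of them could contain your private keys.` Also, "systemd appears to pass a sanitized environment to its descendants" reads as an unverified assumption in a key-protection section; either state what was checked (and on which image) or tell readers to confirm it on their own container before relying on PID 1 being the only process that sees the keys.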