Docker hub getting worse and worse

Hey. I was just trying to install the new LND security patch, but I could not download the Docker image because I’m coming in from a VPN. I had to connect Umbrel to a non anonymous egress IP in order to fetch the security update.

Docker (the company) sucks more and more. Can we remove the dependency on Docker Hub?

Why not just do the manual update through SSH?
Check on Troubleshooting manual about that chapter. Works perfectly.
If you run Umbrel on a standard Linux machine (Ubuntu or Debian), do the apt update && upgrade before doing the update of Umbrel.

The problem is that umbrel tries to download an image from docker hub when it’s using a VPN.

Docker has started to rate limit request and it seems they now completely stopped responding to connection attempts from VPN connections.
Perhaps it’s better to try to find another docker registry to host the images.

So why is umbrel fault when is your setup fault using a VPN?
Umbrel works by default on Tor so no need for a VPN.

No it’s not umbrels “fault” per se, but umbrel can use another container registry.

And i think you’re wrong regarding TOR. Outgoing connections is routed through the default route as far as I can see, which in my case is a VPN enabled router.
In most cases it would route traffic for apt updates etc through your regular router, which can potentially be used to identify your device to your IP.
So now for example, docker can see that my ip downloaded an LTC container image.

If docker hub is blocking VPN ips my guess is that they would block TOR gateway IPs as well (or will start soon), so this could help if umbrel starts fetching images over a TOR proxy to protect privacy as well :+1:

If you are behind a VPN, it is all on you to resolve any conectivity issues to DockerHub. DockerHub is simply the best place to keep the images, period.

Disconnect from your VPN, and I bet it would work fine.

One issue with consuming public content from places like docker hub is that they have to limit cost. Thus they’ve changed their TOS so that you’re rate limited to 100 pulls every 6 hours or so for anonymous pulls

This can be doubled if you provide your account credentials, and unlimited if you’re a paying customer

Unless you’re coming from a place where they cannot easily track your identify. Then you can’t use the service.

I thought this community was about privacy and decentralization but it seems i was wrong.

I see what you mean but that is “too much information” for this question, taking it into off-topic territory.