Add more cap_drop

Signed-off-by: Bensuperpc <bensuperpc@gmail.com>
This commit is contained in:
Bensuperpc 2024-09-22 19:57:33 +02:00
parent 9700b8a379
commit b8f69ed6e2
4 changed files with 18 additions and 5 deletions

View File

@ -10,9 +10,12 @@ services:
- caddy
networks:
- infra-network
read_only: false
security_opt:
- no-new-privileges:true
read_only: false
cap_drop:
- SYS_ADMIN
deploy:
resources:
limits:
@ -21,6 +24,7 @@ services:
reservations:
cpus: '0.001'
memory: 20M
it-tools1:
image: corentinth/it-tools:latest
container_name: it-tools1
@ -31,9 +35,12 @@ services:
- caddy
networks:
- infra-network
read_only: false
security_opt:
- no-new-privileges:true
read_only: false
cap_drop:
- SYS_ADMIN
deploy:
resources:
limits:

View File

@ -16,9 +16,11 @@ services:
- infra-network
security_opt:
- no-new-privileges:true
read_only: true
tmpfs:
- /tmp
read_only: false
cap_drop:
- SYS_ADMIN
# tmpfs:
# - /tmp
deploy:
resources:
limits:

View File

@ -18,6 +18,8 @@ services:
- infra-network
security_opt:
- no-new-privileges:true
cap_drop:
- SYS_ADMIN
# Database projectsend
projectsend_db:

View File

@ -14,6 +14,8 @@ services:
- infra-network
security_opt:
- no-new-privileges:true
cap_drop:
- SYS_ADMIN
volumes:
uptimekuma_data: