Increase security

Signed-off-by: Bensuperpc <bensuperpc@gmail.com>
This commit is contained in:
Bensuperpc 2024-09-14 09:44:20 +02:00
parent e5d8ced52d
commit ca42926acc

View File

@ -1,17 +1,19 @@
services:
main_infrastructure:
container_name: main_infrastructure
image: debian:latest
image: alpine:latest
profiles:
- main_infrastructure
user: "root"
group_add:
- '${PUID:-1000}'
volumes:
- public_data:/public
- private_data:/private
networks:
- infra-network
read_only: true
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
cap_add:
- CHOWN
# Fix root permissions on mounted volumes
command: chown -R ${PUID:-1000}:${PGID:-1000} /public /private