Aggiunta la flag no-new-privileges:true per una maggiore sicurezza per l'host e il container
This commit is contained in:
parent
f4de17b598
commit
282aa11a70
|
@ -35,6 +35,8 @@ services:
|
|||
archivewarrior:
|
||||
container_name: archive-warrior
|
||||
image: archiveteam/warrior-dockerfile
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -3,6 +3,8 @@ services:
|
|||
archivewarrior:
|
||||
container_name: archive-warrior
|
||||
image: archiveteam/warrior-dockerfile
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -35,6 +35,8 @@ services:
|
|||
dozzle:
|
||||
container_name: dozzle
|
||||
image: amir20/dozzle
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- ${DOZZLE_WEBUI_PORT:-8080}:8080
|
||||
|
|
|
@ -3,6 +3,8 @@ services:
|
|||
dozzle:
|
||||
container_name: dozzle
|
||||
image: amir20/dozzle
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- ${DOZZLE_WEBUI_PORT:-8080}:8080
|
||||
|
|
|
@ -39,6 +39,8 @@ services:
|
|||
fah:
|
||||
container_name: linuxserver-fah
|
||||
image: ghcr.io/linuxserver/foldingathome
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -3,6 +3,8 @@ services:
|
|||
fah:
|
||||
container_name: linuxserver-fah
|
||||
image: ghcr.io/linuxserver/foldingathome
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -40,6 +40,8 @@ services:
|
|||
db:
|
||||
container_name: gitea-db
|
||||
image: postgres:13-alpine
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: always
|
||||
|
|
|
@ -3,6 +3,8 @@ services:
|
|||
db:
|
||||
container_name: gitea-db
|
||||
image: postgres:13-alpine
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: always
|
||||
|
|
|
@ -42,6 +42,8 @@ services:
|
|||
homer:
|
||||
container_name: homer
|
||||
image: b4bz/homer
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -3,6 +3,8 @@ services:
|
|||
homer:
|
||||
container_name: homer
|
||||
image: b4bz/homer
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -41,6 +41,8 @@ services:
|
|||
jellyfin:
|
||||
container_name: linuxserver-jellyfin
|
||||
image: ghcr.io/linuxserver/jellyfin
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -3,6 +3,8 @@ services:
|
|||
jellyfin:
|
||||
container_name: linuxserver-jellyfin
|
||||
image: ghcr.io/linuxserver/jellyfin
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -42,6 +42,8 @@ services:
|
|||
komga:
|
||||
container_name: komga
|
||||
image: gotson/komga
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -3,6 +3,8 @@ services:
|
|||
komga:
|
||||
container_name: komga
|
||||
image: gotson/komga
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -38,6 +38,8 @@ services:
|
|||
metube:
|
||||
container_name: metube
|
||||
image: alexta69/metube
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -3,6 +3,8 @@ services:
|
|||
metube:
|
||||
container_name: metube
|
||||
image: alexta69/metube
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -39,6 +39,8 @@ services:
|
|||
db:
|
||||
container_name: miniflux-db
|
||||
image: postgres:13-alpine
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: always
|
||||
|
@ -56,6 +58,8 @@ services:
|
|||
feeder:
|
||||
container_name: miniflux
|
||||
image: ghcr.io/miniflux/miniflux
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -3,6 +3,8 @@ services:
|
|||
db:
|
||||
container_name: miniflux-db
|
||||
image: postgres:13-alpine
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: always
|
||||
|
@ -20,6 +22,8 @@ services:
|
|||
feeder:
|
||||
container_name: miniflux
|
||||
image: ghcr.io/miniflux/miniflux
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -41,6 +41,8 @@ services:
|
|||
navidrome:
|
||||
container_name: navidrome
|
||||
image: deluan/navidrome
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -3,6 +3,8 @@ services:
|
|||
navidrome:
|
||||
container_name: navidrome
|
||||
image: deluan/navidrome
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -41,6 +41,8 @@ services:
|
|||
podgrab:
|
||||
container_name: podgrab
|
||||
image: akhilrex/podgrab
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -3,6 +3,8 @@ services:
|
|||
podgrab:
|
||||
container_name: podgrab
|
||||
image: akhilrex/podgrab
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -40,6 +40,8 @@ services:
|
|||
syncthing:
|
||||
container_name: linuxserver-syncthing
|
||||
image: ghcr.io/linuxserver/syncthing
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -3,6 +3,8 @@ services:
|
|||
syncthing:
|
||||
container_name: linuxserver-syncthing
|
||||
image: ghcr.io/linuxserver/syncthing
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -40,6 +40,8 @@ services:
|
|||
transmission:
|
||||
container_name: linuxserver-transmission
|
||||
image: ghcr.io/linuxserver/transmission
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -3,6 +3,8 @@ services:
|
|||
transmission:
|
||||
container_name: linuxserver-transmission
|
||||
image: ghcr.io/linuxserver/transmission
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -38,6 +38,8 @@ services:
|
|||
unifi:
|
||||
container_name: linuxserver-unifi
|
||||
image: ghcr.io/linuxserver/unifi-controller
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -3,6 +3,8 @@ services:
|
|||
unifi:
|
||||
container_name: linuxserver-unifi
|
||||
image: ghcr.io/linuxserver/unifi-controller
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
networks:
|
||||
- custom-bridge
|
||||
restart: unless-stopped
|
||||
|
|
|
@ -37,6 +37,8 @@ services:
|
|||
watchtower:
|
||||
container_name: watchtower
|
||||
image: containrrr/watchtower
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
restart: unless-stopped
|
||||
env_file: .env
|
||||
volumes:
|
||||
|
|
|
@ -3,6 +3,8 @@ services:
|
|||
watchtower:
|
||||
container_name: watchtower
|
||||
image: containrrr/watchtower
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
restart: unless-stopped
|
||||
env_file: .env
|
||||
volumes:
|
||||
|
|
Loading…
Reference in New Issue