Aggiunta la flag no-new-privileges:true per una maggiore sicurezza per l'host e il container

miracle091 2021-06-10 09:56:26 +02:00
parent f4de17b598
commit 282aa11a70
30 changed files with 64 additions and 0 deletions


@ -35,6 +35,8 @@ services:
archivewarrior: archivewarrior:
container_name: archive-warrior container_name: archive-warrior
image: archiveteam/warrior-dockerfile image: archiveteam/warrior-dockerfile
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped
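Review bot: The new `security_opt` entry is added without a comment saying what it restricts, and the same two lines recur in every other file section of this commit, so a reader of any single compose file gets no hint of why it is there or what to check when a container stops working. A comment above the key would do, for example `# no-new-privileges: setuid/setgid bits and file capabilities cannot raise privileges on exec`. Quoting the value as `- 'no-new-privileges:true'` would also keep it an explicit string for any YAML tooling that processes these files. The service definition continues outside the hunk.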


@ -3,6 +3,8 @@ services:
archivewarrior: archivewarrior:
container_name: archive-warrior container_name: archive-warrior
image: archiveteam/warrior-dockerfile image: archiveteam/warrior-dockerfile
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -35,6 +35,8 @@ services:
dozzle: dozzle:
container_name: dozzle container_name: dozzle
image: amir20/dozzle image: amir20/dozzle
security_opt:
- no-new-privileges:true
restart: unless-stopped restart: unless-stopped
ports: ports:
- ${DOZZLE_WEBUI_PORT:-8080}:8080 - ${DOZZLE_WEBUI_PORT:-8080}:8080


@ -3,6 +3,8 @@ services:
dozzle: dozzle:
container_name: dozzle container_name: dozzle
image: amir20/dozzle image: amir20/dozzle
security_opt:
- no-new-privileges:true
restart: unless-stopped restart: unless-stopped
ports: ports:
- ${DOZZLE_WEBUI_PORT:-8080}:8080 - ${DOZZLE_WEBUI_PORT:-8080}:8080


@ -39,6 +39,8 @@ services:
fah: fah:
container_name: linuxserver-fah container_name: linuxserver-fah
image: ghcr.io/linuxserver/foldingathome image: ghcr.io/linuxserver/foldingathome
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped
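Review bot: no-new-privileges only stops a process from gaining privileges through exec, so it does not reduce what the container's first process can do if that process starts as root with Docker's default capability set; nothing in this hunk sets `user:` or `cap_drop:` for `fah`. Whether this image starts as root is not visible here and should be confirmed, and the same question applies to the other `ghcr.io/linuxserver/*` services in this commit (jellyfin, syncthing, transmission, unifi). If it does, a follow-up could add `cap_drop:` with `- ALL` and re-add through `cap_add:` only the capabilities that testing shows the image's init needs. The service definition continues outside the hunk, so these keys may already exist further down.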


@ -3,6 +3,8 @@ services:
fah: fah:
container_name: linuxserver-fah container_name: linuxserver-fah
image: ghcr.io/linuxserver/foldingathome image: ghcr.io/linuxserver/foldingathome
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -40,6 +40,8 @@ services:
db: db:
container_name: gitea-db container_name: gitea-db
image: postgres:13-alpine image: postgres:13-alpine
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: always restart: always


@ -3,6 +3,8 @@ services:
db: db:
container_name: gitea-db container_name: gitea-db
image: postgres:13-alpine image: postgres:13-alpine
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: always restart: always


@ -42,6 +42,8 @@ services:
homer: homer:
container_name: homer container_name: homer
image: b4bz/homer image: b4bz/homer
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -3,6 +3,8 @@ services:
homer: homer:
container_name: homer container_name: homer
image: b4bz/homer image: b4bz/homer
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -41,6 +41,8 @@ services:
jellyfin: jellyfin:
container_name: linuxserver-jellyfin container_name: linuxserver-jellyfin
image: ghcr.io/linuxserver/jellyfin image: ghcr.io/linuxserver/jellyfin
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -3,6 +3,8 @@ services:
jellyfin: jellyfin:
container_name: linuxserver-jellyfin container_name: linuxserver-jellyfin
image: ghcr.io/linuxserver/jellyfin image: ghcr.io/linuxserver/jellyfin
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -42,6 +42,8 @@ services:
komga: komga:
container_name: komga container_name: komga
image: gotson/komga image: gotson/komga
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -3,6 +3,8 @@ services:
komga: komga:
container_name: komga container_name: komga
image: gotson/komga image: gotson/komga
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -38,6 +38,8 @@ services:
metube: metube:
container_name: metube container_name: metube
image: alexta69/metube image: alexta69/metube
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -3,6 +3,8 @@ services:
metube: metube:
container_name: metube container_name: metube
image: alexta69/metube image: alexta69/metube
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -39,6 +39,8 @@ services:
db: db:
container_name: miniflux-db container_name: miniflux-db
image: postgres:13-alpine image: postgres:13-alpine
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: always restart: always
@ -56,6 +58,8 @@ services:
feeder: feeder:
container_name: miniflux container_name: miniflux
image: ghcr.io/miniflux/miniflux image: ghcr.io/miniflux/miniflux
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -3,6 +3,8 @@ services:
db: db:
container_name: miniflux-db container_name: miniflux-db
image: postgres:13-alpine image: postgres:13-alpine
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: always restart: always
@ -20,6 +22,8 @@ services:
feeder: feeder:
container_name: miniflux container_name: miniflux
image: ghcr.io/miniflux/miniflux image: ghcr.io/miniflux/miniflux
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -41,6 +41,8 @@ services:
navidrome: navidrome:
container_name: navidrome container_name: navidrome
image: deluan/navidrome image: deluan/navidrome
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -3,6 +3,8 @@ services:
navidrome: navidrome:
container_name: navidrome container_name: navidrome
image: deluan/navidrome image: deluan/navidrome
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -41,6 +41,8 @@ services:
podgrab: podgrab:
container_name: podgrab container_name: podgrab
image: akhilrex/podgrab image: akhilrex/podgrab
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -3,6 +3,8 @@ services:
podgrab: podgrab:
container_name: podgrab container_name: podgrab
image: akhilrex/podgrab image: akhilrex/podgrab
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -40,6 +40,8 @@ services:
syncthing: syncthing:
container_name: linuxserver-syncthing container_name: linuxserver-syncthing
image: ghcr.io/linuxserver/syncthing image: ghcr.io/linuxserver/syncthing
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -3,6 +3,8 @@ services:
syncthing: syncthing:
container_name: linuxserver-syncthing container_name: linuxserver-syncthing
image: ghcr.io/linuxserver/syncthing image: ghcr.io/linuxserver/syncthing
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -40,6 +40,8 @@ services:
transmission: transmission:
container_name: linuxserver-transmission container_name: linuxserver-transmission
image: ghcr.io/linuxserver/transmission image: ghcr.io/linuxserver/transmission
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -3,6 +3,8 @@ services:
transmission: transmission:
container_name: linuxserver-transmission container_name: linuxserver-transmission
image: ghcr.io/linuxserver/transmission image: ghcr.io/linuxserver/transmission
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -38,6 +38,8 @@ services:
unifi: unifi:
container_name: linuxserver-unifi container_name: linuxserver-unifi
image: ghcr.io/linuxserver/unifi-controller image: ghcr.io/linuxserver/unifi-controller
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -3,6 +3,8 @@ services:
unifi: unifi:
container_name: linuxserver-unifi container_name: linuxserver-unifi
image: ghcr.io/linuxserver/unifi-controller image: ghcr.io/linuxserver/unifi-controller
security_opt:
- no-new-privileges:true
networks: networks:
- custom-bridge - custom-bridge
restart: unless-stopped restart: unless-stopped


@ -37,6 +37,8 @@ services:
watchtower: watchtower:
container_name: watchtower container_name: watchtower
image: containrrr/watchtower image: containrrr/watchtower
security_opt:
- no-new-privileges:true
restart: unless-stopped restart: unless-stopped
env_file: .env env_file: .env
volumes: volumes:
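Review bot: For `watchtower` the flag gives little protection if the `volumes:` list that opens on the last line of this hunk mounts the Docker socket, which is not visible here and should be confirmed. Access to the Docker API lets the container start other containers with arbitrary options, and no-new-privileges does not constrain that. I would record this next to the new key, for example `# does not limit Docker API access through a mounted socket`, and consider whether the socket can be exposed through a filtering proxy that allows only the API calls watchtower needs. The same check applies to `dozzle`, whose volumes are outside its hunk.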


@ -3,6 +3,8 @@ services:
watchtower: watchtower:
container_name: watchtower container_name: watchtower
image: containrrr/watchtower image: containrrr/watchtower
security_opt:
- no-new-privileges:true
restart: unless-stopped restart: unless-stopped
env_file: .env env_file: .env
volumes: volumes: