Commit graph

3 commits

Author SHA1 Message Date
kuanhulio
e25622dac2
harden docker-compose.yml (#760)
`user: nobody`: the least privileged account.
`read_only: true`: this container doesn't write anything to the filesystem, this removes a vector.
`security_opt`: disallows the container to grab more privileges.
`cap_drop`: this container doesn't need any capabilities, drop them.
`networks`: put `libreddit` into its own network so it cannot see other containers by default.
2023-03-17 10:17:01 -06:00
Wichai
c298109a7b
Change healthcheck script to utilise "wget" (#309)
* Change healthcheck script to utilise "wget"

* add "tries=1" option
2021-11-11 00:47:13 +00:00
spikecodes
90d39b121f
Example docker-compose 2021-03-31 13:03:18 -07:00