From e99106e13acf69ca6896ffc58dd9c8438b3506d7 Mon Sep 17 00:00:00 2001 From: Tommy Date: Fri, 25 Nov 2022 03:06:58 -0500 Subject: [PATCH] Run coturn and redis in readonly Signed-off-by: Tommy --- docker-compose.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index db9d913..b89dcfe 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,12 +9,14 @@ services: - ./ssl:/etc/ssl/certs:Z network_mode: "host" user: "65534:65534" + read_only: true security_opt: - no-new-privileges:true cap_drop: - ALL cap_add: - NET_BIND_SERVICE + redis: image: redis:alpine container_name: redis @@ -24,19 +26,21 @@ services: ports: - "127.0.0.1:6379:6379" user: "999:1000" + read_only: true security_opt: - no-new-privileges:true cap_drop: - ALL + acme: image: neilpang/acme.sh:latest container_name: acme + restart: unless-stopped command: daemon volumes: - ./acme:/acme.sh - ./ssl:/ssl network_mode: "host" - restart: unless-stopped volumes: redis: