1
0
mirror of https://github.com/tommytran732/Vaultwarden-Docker-Compose synced 2024-11-25 13:21:33 -05:00

Run postgres unprivileged

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2022-09-11 17:46:50 -04:00
parent 50f860913c
commit 3cef449bea
No known key found for this signature in database
GPG Key ID: 060B29EB996BD9F2

View File

@ -53,15 +53,14 @@ services:
restart: unless-stopped
networks:
- vaultwarden
user: "70:70"
read_only: true
tmpfs:
- /var/run/postgresql:size=50M,mode=0770,uid=70,gid=70,noexec,nosuid,nodev
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
cap_add:
- CHOWN
- DAC_READ_SEARCH
- SETGID
- SETUID
volumes:
postgres: