mirror of
https://github.com/tommytran732/Vaultwarden-Docker-Compose
synced 2024-11-25 13:21:33 -05:00
Run postgres unprivileged
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
parent
50f860913c
commit
3cef449bea
@ -53,15 +53,14 @@ services:
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- vaultwarden
|
||||
user: "70:70"
|
||||
read_only: true
|
||||
tmpfs:
|
||||
- /var/run/postgresql:size=50M,mode=0770,uid=70,gid=70,noexec,nosuid,nodev
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
cap_drop:
|
||||
- ALL
|
||||
cap_add:
|
||||
- CHOWN
|
||||
- DAC_READ_SEARCH
|
||||
- SETGID
|
||||
- SETUID
|
||||
|
||||
volumes:
|
||||
postgres:
|
||||
|
Loading…
Reference in New Issue
Block a user