mirror of
https://github.com/nextcloud/all-in-one.git
synced 2025-12-19 22:16:49 +00:00
Drop NET_RAW from all containers in manual
#3377 drops NET_RAW from all containers, but this doesn't appear to have been adopted into the manual mode. Signed-off-by: Joshua Hesketh <josh@hesketh.net.au>
This commit is contained in:
Joshua Hesketh
Joshua Hesketh
parent
1cce2e535f
commit
1e26613960
2 changed files with 75 additions and 3 deletions
|
|
@ -45,6 +45,8 @@ services:
|
|||
- /usr/local/apache2/logs
|
||||
- /tmp
|
||||
- /home/www-data
|
||||
cap_drop:
|
||||
- NET_RAW
|
||||
|
||||
nextcloud-aio-database:
|
||||
image: nextcloud/aio-postgresql:latest
|
||||
|
|
@ -68,6 +70,8 @@ services:
|
|||
read_only: true
|
||||
tmpfs:
|
||||
- /var/run/postgresql
|
||||
cap_drop:
|
||||
- NET_RAW
|
||||
|
||||
nextcloud-aio-nextcloud:
|
||||
depends_on:
|
||||
|
|
@ -149,6 +153,8 @@ services:
|
|||
restart: unless-stopped
|
||||
networks:
|
||||
- nextcloud-aio
|
||||
cap_drop:
|
||||
- NET_RAW
|
||||
|
||||
nextcloud-aio-notify-push:
|
||||
image: nextcloud/aio-notify-push:latest
|
||||
|
|
@ -170,6 +176,8 @@ services:
|
|||
networks:
|
||||
- nextcloud-aio
|
||||
read_only: true
|
||||
cap_drop:
|
||||
- NET_RAW
|
||||
|
||||
nextcloud-aio-redis:
|
||||
image: nextcloud/aio-redis:latest
|
||||
|
|
@ -185,6 +193,8 @@ services:
|
|||
networks:
|
||||
- nextcloud-aio
|
||||
read_only: true
|
||||
cap_drop:
|
||||
- NET_RAW
|
||||
|
||||
nextcloud-aio-collabora:
|
||||
image: nextcloud/aio-collabora:latest
|
||||
|
|
@ -205,6 +215,8 @@ services:
|
|||
- nextcloud-aio
|
||||
cap_add:
|
||||
- MKNOD
|
||||
cap_drop:
|
||||
- NET_RAW
|
||||
|
||||
nextcloud-aio-talk:
|
||||
image: nextcloud/aio-talk:latest
|
||||
|
|
@ -234,6 +246,8 @@ services:
|
|||
- /opt/eturnal/run
|
||||
- /conf
|
||||
- /tmp
|
||||
cap_drop:
|
||||
- NET_RAW
|
||||
|
||||
nextcloud-aio-talk-recording:
|
||||
image: nextcloud/aio-talk-recording:latest
|
||||
|
|
@ -255,6 +269,8 @@ services:
|
|||
tmpfs:
|
||||
- /tmp
|
||||
- /conf
|
||||
cap_drop:
|
||||
- NET_RAW
|
||||
|
||||
nextcloud-aio-clamav:
|
||||
image: nextcloud/aio-clamav:latest
|
||||
|
|
@ -276,6 +292,8 @@ services:
|
|||
- /var/lock
|
||||
- /var/log/clamav
|
||||
- /tmp
|
||||
cap_drop:
|
||||
- NET_RAW
|
||||
|
||||
nextcloud-aio-onlyoffice:
|
||||
image: nextcloud/aio-onlyoffice:latest
|
||||
|
|
@ -294,6 +312,8 @@ services:
|
|||
- onlyoffice
|
||||
networks:
|
||||
- nextcloud-aio
|
||||
cap_drop:
|
||||
- NET_RAW
|
||||
|
||||
nextcloud-aio-imaginary:
|
||||
image: nextcloud/aio-imaginary:latest
|
||||
|
|
@ -305,6 +325,8 @@ services:
|
|||
restart: unless-stopped
|
||||
cap_add:
|
||||
- SYS_NICE
|
||||
cap_drop:
|
||||
- NET_RAW
|
||||
profiles:
|
||||
- imaginary
|
||||
networks:
|
||||
|
|
@ -336,6 +358,8 @@ services:
|
|||
- fulltextsearch
|
||||
networks:
|
||||
- nextcloud-aio
|
||||
cap_drop:
|
||||
- NET_RAW
|
||||
|
||||
volumes:
|
||||
nextcloud_aio_apache:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue