fickit/rsync: increase overall security
This commit is contained in:
parent
5e9e45da03
commit
5a144a26f9
4 changed files with 18 additions and 11 deletions
|
|
@ -193,7 +193,7 @@ services:
|
|||
- /var/lib/fic/teams
|
||||
- /var/lib/fic/settings
|
||||
- name: fic-synchro
|
||||
image: nemunaire/rsync:416df0e1fe1562d5d1c63461dacd1267b47a4f05
|
||||
image: nemunaire/rsync:f8cc6e42fd8ae44d5b6e77fa71850e5cb36892a4
|
||||
command: ["/bin/ash", "/root/synchro.sh"]
|
||||
binds:
|
||||
- /etc/hosts:/etc/hosts:ro
|
||||
|
|
@ -206,9 +206,6 @@ services:
|
|||
- /var/lib/fic/submissions:/srv/submissions
|
||||
- /var/lib/fic/teams:/srv/TEAMS:ro
|
||||
net: /run/netns/synchro
|
||||
pid: new
|
||||
ipc: new
|
||||
uts: new
|
||||
runtime:
|
||||
mkdir:
|
||||
- /var/lib/fic/files
|
||||
|
|
@ -217,13 +214,16 @@ services:
|
|||
- /var/lib/fic/submissions
|
||||
- /var/lib/fic/teams
|
||||
- name: sshd
|
||||
image: nemunaire/rsync:416df0e1fe1562d5d1c63461dacd1267b47a4f05
|
||||
image: nemunaire/rsync:ca312b09a5048c165cf727660b7755f001d17650
|
||||
binds:
|
||||
- /etc/hosts:/etc/hosts:ro
|
||||
- /root/.ssh/authorized_keys:/root/.ssh/authorized_keys:ro
|
||||
- /root/.ssh/:/root/.ssh/:ro
|
||||
- /var/lib/fic/outofsync:/var/lib/fic/outofsync
|
||||
- /var/lib/fic/raw_files:/mnt/fic
|
||||
capabilities:
|
||||
- all
|
||||
net: /run/netns/fic-admin
|
||||
pid: host
|
||||
runtime:
|
||||
mkdir:
|
||||
- /var/lib/fic/outofsync
|
||||
|
|
|
|||
Reference in a new issue