Run Postgres unprivileged

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2022-09-12 03:49:16 -04:00
parent aa0705dd6c
commit e270358b1c
No known key found for this signature in database
GPG Key ID: 060B29EB996BD9F2

View File

@ -44,6 +44,14 @@ services:
- ./schemas:/var/lib/postgresql/data:Z - ./schemas:/var/lib/postgresql/data:Z
networks: networks:
- matrix - matrix
user: 70:70
read_only: true
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
tmpfs:
- /var/run/postgresql:size=50M,mode=0770,uid=70,gid=70,noexec,nosuid,nodev
element: element:
image: vectorim/element-web:latest image: vectorim/element-web:latest