Roxedus/Argo
1
0
Fork 0
Code Issues 1 Pull Requests 9 Releases Wiki Activity

More sec stuff

Browse Source
This commit is contained in:
Simen Røstvik 2022-11-15 10:33:14 +01:00
parent cac52e4917
commit 9f301dfe8b
No known key found for this signature in database
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
apps/templates/traefik.yaml
View File

@ -34,7 +34,13 @@ spec:
hasDns: "true" hasDns: "true"
securityContext: securityContext:
capabilities:
drop: [ALL]
add: [NET_BIND_SERVICE]
readOnlyRootFilesystem: true
runAsGroup: 0
runAsNonRoot: false runAsNonRoot: false
runAsUser: 0
affinity: affinity:
podAntiAffinity: podAntiAffinity: