git
43f25321d7
modified: core/crowdsec/docker-compose.yml modified: core/error-pages/docker-compose.yml modified: monitoring/docker-exporter/docker-compose.yml modified: monitoring/docker-socket-proxy/docker-compose.yml deleted: monitoring/influxdb-service/docker-compose.yml modified: monitoring/node-exporter/docker-compose.yml modified: monitoring/pihole-exporter/docker-compose.yml modified: monitoring/telegraf/docker-compose.yml new file: service-access-policy.md
48 lines
1.1 KiB
YAML
48 lines
1.1 KiB
YAML
services:
|
|
docker-socket-proxy:
|
|
profiles: ["monitoring","all","docker-socket-proxy", "core", "traefik", "prometheus"]
|
|
image: tecnativa/docker-socket-proxy:latest
|
|
container_name: docker-socket-proxy
|
|
hostname: docker-socket-proxy
|
|
restart: unless-stopped
|
|
environment:
|
|
LOG_LEVEL: ${DOCKER_SOCKET_PROXY_LOG_LEVEL}
|
|
DISTRIBUTION: 1
|
|
CONTAINERS: 1
|
|
EVENTS: 1
|
|
IMAGES: 1
|
|
INFO: 1
|
|
NETWORKS: 1
|
|
PING: 1
|
|
POST: 1
|
|
AUTH: 1
|
|
EXEC: 1
|
|
SYSTEM: 1
|
|
SERVICES: 1
|
|
SWARM: 1
|
|
NODES: 1
|
|
SECRETS: 1
|
|
TASKS: 1
|
|
VERSION: 1
|
|
VOLUMES: 1
|
|
ALLOW_START: 1 # for better security, set to 0
|
|
ALLOW_STOP: 1 # for better security, set to 0
|
|
ALLOW_RESTARTS: 1 # for better security, set to 0
|
|
BUILD: 0
|
|
COMMIT: 0
|
|
CONFIGS: 0
|
|
DELETE: 1
|
|
DISABLE_IPV6: 0
|
|
PLUGINS: 0
|
|
SESSION: 0
|
|
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
cap_drop:
|
|
- ALL
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
networks:
|
|
- monitor
|
|
- traefik
|