lyra_phasma/opencloud-compose
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud-compose.git synced 2026-06-08 20:20:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #157 from chillymattster/configure_uid_gid

Browse Source 
feat: improve security - configure container uid and gid
This commit is contained in:
Michael Barz
2025-11-25 10:28:03 +01:00
committed by GitHub
parent afe6399374 4d2ad78f6d
commit 79782cdd5f
5 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
.env.example
View File

@@ -69,6 +69,10 @@ TRAEFIK_ACCESS_LOG=
# Configure the log level for Traefik.
# Possible values are "TRACE", "DEBUG", "INFO", "WARN", "ERROR", "FATAL" and "PANIC". Default is "ERROR".
TRAEFIK_LOG_LEVEL=
# The default for traefik is to run in privileged mode.
# If you want to run traefik non-privileged, use the following variable and the format [UID]:[GID] to set user and group of your choice.
# Ensure that the user has access to docker.sock and traefik volumes defined in traefik/opencloud.yml
#TRAEFIK_CONTAINER_UID_GID="1000:1000"
## OpenCloud Settings ##
@@ -80,6 +84,11 @@ OC_DOCKER_IMAGE=opencloudeu/opencloud-rolling
# The openCloud container version.
# Defaults to "latest" and points to the latest stable tag.
OC_DOCKER_TAG=
# The default id used in opencloud containers is 1000 for user and group.
# If you want to change the default, use the following variable and the format [UID]:[GID].
# The change affects all containers with access to data volumes.
# Ensure that the user has access to all volumes defined in docker-compose.yml
#OC_CONTAINER_UID_GID="1000:1000"
# Domain of openCloud, where you can find the frontend.
# Defaults to "cloud.opencloud.test"
OC_DOMAIN=

1
docker-compose.yml
View File

@@ -4,6 +4,7 @@ services:
image: ${OC_DOCKER_IMAGE:-opencloudeu/opencloud-rolling}:${OC_DOCKER_TAG:-latest}
# changelog: https://github.com/opencloud-eu/opencloud/tree/main/changelog
# release notes: https://docs.opencloud.eu/opencloud_release_notes.html
user: ${OC_CONTAINER_UID_GID:-1000:1000}
networks:
opencloud-net:
entrypoint:

1
radicale/radicale.yml
View File

@@ -6,6 +6,7 @@ services:
- ./config/opencloud/proxy.yaml:/etc/opencloud/proxy.yaml
radicale:
image: ${RADICALE_DOCKER_IMAGE:-opencloudeu/radicale}:${RADICALE_DOCKER_TAG:-latest}
user: ${OC_CONTAINER_UID_GID:-1000:1000}
networks:
opencloud-net:
logging:

1
traefik/opencloud.yml
View File

@@ -11,6 +11,7 @@ services:
traefik:
image: traefik:v3
# release notes: https://github.com/traefik/traefik/releases
user: ${TRAEFIK_CONTAINER_UID_GID:-0:0}
networks:
opencloud-net:
aliases:

1
weboffice/collabora.yml
View File

@@ -14,6 +14,7 @@ services:
collaboration:
image: ${OC_DOCKER_IMAGE:-opencloudeu/opencloud-rolling}:${OC_DOCKER_TAG:-latest}
user: ${OC_CONTAINER_UID_GID:-1000:1000}
networks:
opencloud-net:
depends_on: