fix: set mariadb capabilities instead of defining user
Signed-off-by: rare-magma <rare-magma@posteo.eu>
This commit is contained in:
parent
0719a1e3b6
commit
82d317f00b
|
@ -116,12 +116,16 @@ services:
|
|||
container_name: photoview-mariadb
|
||||
restart: unless-stopped
|
||||
stop_grace_period: 5s
|
||||
user: "999:999"
|
||||
## Optimized MariaDB startup command for better performance and compatibility
|
||||
command: mariadbd --innodb-buffer-pool-size=512M --transaction-isolation=READ-COMMITTED --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --max-connections=512 --innodb-rollback-on-timeout=OFF --innodb-lock-wait-timeout=120
|
||||
## Security options for some restricted systems
|
||||
cap_drop:
|
||||
- ALL
|
||||
cap_add:
|
||||
- CHOWN
|
||||
- DAC_READ_SEARCH
|
||||
- SETUID
|
||||
- SETGID
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
# not necessary since Docker Engine v20 see https://github.com/MariaDB/mariadb-docker/issues/434#issuecomment-1136151239
|
||||
|
|
Loading…
Reference in New Issue