Do not mount certain Docker volumes as read-write unnecessarily
This commit is contained in:
Slavi Pantaleev
@@ -16,8 +16,8 @@ ExecStart=/usr/bin/docker run --rm --name matrix-nginx-proxy \
|
|||||||
-p 443:443 \
|
-p 443:443 \
|
||||||
--link matrix-synapse:synapse \
|
--link matrix-synapse:synapse \
|
||||||
--link matrix-riot-web:riot \
|
--link matrix-riot-web:riot \
|
||||||
-v {{ matrix_nginx_proxy_confd_path }}:/etc/nginx/conf.d \
|
-v {{ matrix_nginx_proxy_confd_path }}:/etc/nginx/conf.d:ro \
|
||||||
-v {{ matrix_ssl_certs_path }}:{{ matrix_ssl_certs_path }} \
|
-v {{ matrix_ssl_certs_path }}:{{ matrix_ssl_certs_path }}:ro \
|
||||||
{{ docker_nginx_image }}
|
{{ docker_nginx_image }}
|
||||||
ExecStop=-/usr/bin/docker kill matrix-nginx-proxy
|
ExecStop=-/usr/bin/docker kill matrix-nginx-proxy
|
||||||
ExecStop=-/usr/bin/docker rm matrix-nginx-proxy
|
ExecStop=-/usr/bin/docker rm matrix-nginx-proxy
|
||||||
|
|||||||
@@ -8,7 +8,7 @@ Type=simple
|
|||||||
ExecStartPre=-/usr/bin/docker kill matrix-riot-web
|
ExecStartPre=-/usr/bin/docker kill matrix-riot-web
|
||||||
ExecStartPre=-/usr/bin/docker rm matrix-riot-web
|
ExecStartPre=-/usr/bin/docker rm matrix-riot-web
|
||||||
ExecStart=/usr/bin/docker run --rm --name matrix-riot-web \
|
ExecStart=/usr/bin/docker run --rm --name matrix-riot-web \
|
||||||
-v {{ matrix_nginx_riot_web_data_path }}:/data \
|
-v {{ matrix_nginx_riot_web_data_path }}:/data:ro \
|
||||||
{% if not matrix_nginx_proxy_enabled %}
|
{% if not matrix_nginx_proxy_enabled %}
|
||||||
-p 127.0.0.1:8765:8765 \
|
-p 127.0.0.1:8765:8765 \
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|||||||
Reference in New Issue
Block a user