marcel/familienarchiv
1
0
Fork 0
Code Issues 103 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

security(ocr): run OCR container as non-root user (CIS Docker §4.1) #611

Merged
marcel merged 12 commits from feat/issue-459-ocr-non-root into main 2026-05-17 19:06:47 +02:00
Conversation 31 Commits 12 Files Changed 9 +2 -1
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit f1e0b92f47 - Show all commits

3
docker-compose.yml
View File

@@ -112,7 +112,8 @@ services:
read_only: true read_only: true
tmpfs: tmpfs:
- /tmp:size=512m # training endpoints write ZIPs to /tmp; 512 MB covers typical batches (2050 images) - /tmp:size=512m # training endpoints write ZIPs to /tmp; 512 MB covers typical batches (2050 images)
cap_drop: [ALL] cap_drop:
- ALL
security_opt: security_opt:
- no-new-privileges:true - no-new-privileges:true