Security++
This commit is contained in:
parent
385b30d6b4
commit
da5fe67e27
|
@ -9,6 +9,7 @@ LETS_ENCRYPT_ENV=production
|
|||
|
||||
ADMIN_USERNAME=admin
|
||||
SECRET_ADMIN_PASSWORD_VERSION=v1
|
||||
SECRET_POSTGRES_PASSWORD_VERSION=v1
|
||||
SITE_NAME=LemmyCloud
|
||||
|
||||
SLUR_FILTER='(fag(g|got|tard)?\b|cock\s?sucker(s|ing)?|ni((g{2,}|q)+|[gq]{2,})[e3r]+(s|z)?|mudslime?s?|kikes?|\bspi(c|k)s?\b|\bchinks?|gooks?|bitch(es|ing|y)?|whor(es?|ing)|\btr(a|@)nn?(y|ies?)|\b(b|re|r)tard(ed)?s?)'
|
||||
|
|
|
@ -15,6 +15,7 @@ services:
|
|||
- lemmy_config:/config/
|
||||
secrets:
|
||||
- admin_password
|
||||
- postgres_password
|
||||
entrypoint: ['/docker-entrypoint.sh']
|
||||
# entrypoint: ['tail', '-f', '/dev/null']
|
||||
configs:
|
||||
|
@ -49,10 +50,12 @@ services:
|
|||
image: postgres:12-alpine
|
||||
environment:
|
||||
- POSTGRES_USER=lemmy
|
||||
- POSTGRES_PASSWORD=password
|
||||
- POSTGRES_DB=lemmy
|
||||
- POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
|
||||
networks:
|
||||
- backend
|
||||
secrets:
|
||||
- postgres_password
|
||||
volumes:
|
||||
- postgres_data:/var/lib/postgresql/data
|
||||
|
||||
|
@ -114,6 +117,9 @@ secrets:
|
|||
admin_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_admin_password_${SECRET_ADMIN_PASSWORD_VERSION}
|
||||
postgres_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_postgres_password_${SECRET_POSTGRES_PASSWORD_VERSION}
|
||||
|
||||
networks:
|
||||
backend:
|
||||
|
|
|
@ -28,7 +28,7 @@
|
|||
# username to connect to postgres
|
||||
user: "lemmy"
|
||||
# password to connect to postgres
|
||||
password: "password"
|
||||
password: "{{ secret "postgres_password" }}"
|
||||
# host where postgres is running
|
||||
host: "db"
|
||||
# port where postgres can be accessed
|
||||
|
|
Loading…
Reference in New Issue