Update Docker configurations for balanced security and functionality

- Simplify daemon.json to minimal working version, removing problematic security settings that caused read-only filesystem issues - Update Gitea docker-compose.yml to working configuration: - Remove read-only filesystem (breaks s6-overlay init) - Keep user privilege dropping via USER_UID/USER_GID - Bind SSH port directly for Git operations - Maintain localhost binding for web interface
2025-09-13 20:49:34 +02:00
parent 66e3249ced
commit e608ce6d5b
2 changed files with 15 additions and 45 deletions
--- a/config/docker/daemon.json
+++ b/config/docker/daemon.json
@@ -1,32 +1,17 @@
-# Docker Daemon Security Configuration
+# Docker Daemon Configuration (Minimal Working Version)
 # Deploy to: /etc/docker/daemon.json
 # 
 # Setup commands:
 #   sudo cp config/docker/daemon.json /etc/docker/
 #   sudo systemctl restart docker
+#
+# Note: Removed problematic security settings that caused read-only filesystem issues.
+# Only keeping essential logging configuration.

 {
  "log-driver": "json-file",
  "log-opts": {
-    "max-size": "50m",
+    "max-size": "100m",
    "max-file": "3"
-  },
-  "live-restore": true,
-  "userland-proxy": false,
-  "no-new-privileges": true,
-  "seccomp-profile": "/etc/docker/seccomp-default.json",
-  "default-ulimits": {
-    "nproc": {
-      "hard": 65536,
-      "soft": 65536
-    },
-    "nofile": {
-      "hard": 65536,
-      "soft": 65536
-    }
-  },
-  "storage-driver": "overlay2",
-  "storage-opts": [
-    "overlay2.override_kernel_check=true"
-  ]
+  }
 }