@@ -5,6 +5,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
+### Fixed
+- ansible-playbook:
+ - rename data volume to avoid collision with container name
+ - drop capabilities
+ - block gaining new privileges
## [1.0.0] - 2020-09-27
### Added
@@ -15,7 +15,7 @@
PT_PORT: '{{ pt_port }}'
CONTACT_INFO: '{{ contact_info }}'
volumes:
- - tor_obfs4_bridge:/var/lib/tor
+ - tor_obfs4_bridge_data:/var/lib/tor
mounts:
- type: tmpfs
target: /tmp # torrc
@@ -26,5 +26,7 @@
ports:
- '{{ or_port }}:{{ or_port }}'
- '{{ pt_port }}:{{ pt_port }}'
+ cap_drop: [ALL]
+ security_opts: [no-new-privileges]
memory: 256M
restart_policy: unless-stopped