feat: add container security hardening and Fedimint setup wizard
Add --cap-drop=ALL, --security-opt=no-new-privileges:true to all non-privileged containers. Per-app capability grants for apps needing CHOWN/SETUID/SETGID. Read-only root filesystem with tmpfs for compatible apps (searxng, grafana, uptime-kuma, filebrowser, photoprism, vaultwarden). Add Fedimint "Create a Community" goal with 4-step wizard. Fix deploy script cp -rf for audio directory. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -82,7 +82,7 @@ define(['./workbox-21a80088'], (function (workbox) { 'use strict';
|
||||
"revision": "3ca0b8505b4bec776b69afdba2768812"
|
||||
}, {
|
||||
"url": "index.html",
|
||||
"revision": "0.qmc1lepk3f"
|
||||
"revision": "0.0ddc43l70qk"
|
||||
}], {});
|
||||
workbox.cleanupOutdatedCaches();
|
||||
workbox.registerRoute(new workbox.NavigationRoute(workbox.createHandlerBoundToURL("index.html"), {
|
||||
|
||||
Reference in New Issue
Block a user