51 lines
1.1 KiB
YAML
51 lines
1.1 KiB
YAML
services:
|
|
telemt:
|
|
image: whn0thacked/telemt-docker:latest
|
|
container_name: telemt
|
|
restart: unless-stopped
|
|
|
|
# Telemt uses RUST_LOG for verbosity (optional)
|
|
environment:
|
|
RUST_LOG: "info"
|
|
|
|
# Telemt reads config from CMD (default: /etc/telemt.toml)
|
|
volumes:
|
|
- ./telemt.toml:/etc/telemt.toml:ro
|
|
|
|
ports:
|
|
- "443:443/tcp"
|
|
# If you enable metrics_port=9090 in config:
|
|
# - "127.0.0.1:9090:9090/tcp"
|
|
|
|
# Hardening
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
cap_add:
|
|
- NET_BIND_SERVICE
|
|
read_only: true
|
|
tmpfs:
|
|
- /tmp:rw,nosuid,nodev,noexec,size=16m
|
|
|
|
# Resource limits (optional)
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
cpus: "0.50"
|
|
memory: 256M
|
|
reservations:
|
|
cpus: "0.25"
|
|
memory: 128M
|
|
|
|
# File descriptor limits (critical for a high-load server!)
|
|
ulimits:
|
|
nofile:
|
|
soft: 65536
|
|
hard: 65536
|
|
|
|
logging:
|
|
driver: json-file
|
|
options:
|
|
max-size: "10m"
|
|
max-file: "3" |