Merge #2613
2613: Enhance network segregation r=nextgens a=nextgens ## What type of PR? enhancement ## What does this PR do? - put radicale and webmail on their own network: this is done for security: that way they have no privileged access anywhere (no access to redis, no access to XCLIENT, ...) - remove the EXPOSE statements from the dockerfiles. These ports are for internal comms and are not meant to be exposed in any way to the outside world. ### Related issue(s) - #2611 ## Prerequisites Before we can consider review and merge, please make sure the following list is done and checked. If an entry in not applicable, you can check it or remove it from the list. - [ ] In case of feature or enhancement: documentation updated accordingly - [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file. Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>main
commit
7e60ba4e98
@ -0,0 +1 @@
|
||||
Isolate radicale and webmail on their own network. This ensures they don't have privileged access to any of the other containers.
|
Loading…
Reference in New Issue