Skip to content

Commit

Permalink
Merge pull request #113 from qonto/fix-docker-compose-permissions
Browse files Browse the repository at this point in the history 
Limit prometheus and grafana permissions
  • Loading branch information
@vmercierfr
vmercierfr authored Jan 25, 2024
2 parents 81a0891 + 7329979 commit d3f979b
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions scripts/prometheus/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,9 @@ services:

prometheus:
image: prom/prometheus:v2.48.0
read_only: true
security_opt:
- no-new-privileges:true
volumes:
- ./prometheus.yml:/etc/prometheus/prometheus.yml
- ./.prometheus_data:/prometheus
Expand All @@ -23,6 +26,9 @@ services:

grafana:
image: grafana/grafana:10.2.2
read_only: true
security_opt:
- no-new-privileges:true
environment:
- GF_SECURITY_ADMIN_USER=admin
- GF_SECURITY_ADMIN_PASSWORD=hackme
Expand All @@ -31,6 +37,8 @@ services:
- ./configuration/grafana/provisioning/datasources:/etc/grafana/provisioning/datasources/
- ./configuration/grafana/provisioning/dashboards:/etc/grafana/provisioning/dashboards/
- ./configuration/grafana/entrypoint.sh:/usr/share/grafana/entrypoint.sh
tmpfs:
- /var/tmp
ports:
- 3000:3000
entrypoint: ["/usr/share/grafana/entrypoint.sh"]
Expand Down

0 comments on commit d3f979b

Please sign in to comment.