▲ 10 r/netbird
Container Hardening Through Capability Dropping
I've been looking into ways to further harden my setup to try and prevent security from living rent free inside my mind.
Try adding these to your compose:

Traefik:

    cap_drop:
      - ALL
    cap_add:
      - NET_BIND_SERVICE
    security_opt:
      - no-new-privileges:true

Dashboard:

    cap_drop:
      - ALL
    cap_add:
      - NET_BIND_SERVICE
      - DAC_OVERRIDE
      - CHOWN
      - SETUID
      - SETGID
    security_opt:
      - no-new-privileges:true

Server:

    cap_drop:
      - ALL
    cap_add:
      - NET_BIND_SERVICE
    security_opt:
      - no-new-privileges:true
I have been able to use the proxy and VPN functionality just fine so far.
If there are any suggestions for the proxy container, let me know.
u/NoInterviewsManyApps — 5 days ago
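One way to confirm the settings in the post actually took effect, as an added example that is not part of the original post: decode the `CapBnd` mask and `NoNewPrivs` flag from a container's `/proc/1/status` and compare them with the `cap_add` lists above. The lowercase service keys and the sample status text are constructed for illustration; on a real host the text would come from something like `docker exec <container> cat /proc/1/status`, assuming the image ships `cat`.

```python
# Capability names by bit number, as defined in linux/capability.h (bits 0-40).
CAP_NAMES = (
    "CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER FSETID KILL SETGID SETUID SETPCAP "
    "LINUX_IMMUTABLE NET_BIND_SERVICE NET_BROADCAST NET_ADMIN NET_RAW IPC_LOCK "
    "IPC_OWNER SYS_MODULE SYS_RAWIO SYS_CHROOT SYS_PTRACE SYS_PACCT SYS_ADMIN "
    "SYS_BOOT SYS_NICE SYS_RESOURCE SYS_TIME SYS_TTY_CONFIG MKNOD LEASE AUDIT_WRITE "
    "AUDIT_CONTROL SETFCAP MAC_OVERRIDE MAC_ADMIN SYSLOG WAKE_ALARM BLOCK_SUSPEND "
    "AUDIT_READ PERFMON BPF CHECKPOINT_RESTORE"
).split()

# Capabilities each container should be left with, taken from the post's cap_add
# lists. The dictionary keys are assumed service names, not from the post.
EXPECTED = {
    "traefik": {"NET_BIND_SERVICE"},
    "dashboard": {"NET_BIND_SERVICE", "DAC_OVERRIDE", "CHOWN", "SETUID", "SETGID"},
    "server": {"NET_BIND_SERVICE"},
}

def parse_status(text):
    """Return (bounding-set capability names, NoNewPrivs flag) from status text."""
    fields = dict(line.split(":", 1) for line in text.splitlines() if ":" in line)
    mask = int(fields["CapBnd"].strip(), 16)
    caps = {CAP_NAMES[bit] if bit < len(CAP_NAMES) else f"CAP_{bit}"
            for bit in range(mask.bit_length()) if mask >> bit & 1}
    return caps, fields.get("NoNewPrivs", "0").strip() == "1"

def audit(service, status_text):
    """List every deviation from the expected hardening for one service."""
    caps, no_new_privs = parse_status(status_text)
    findings = [f"unexpected capability {c}" for c in sorted(caps - EXPECTED[service])]
    findings += [f"missing capability {c}" for c in sorted(EXPECTED[service] - caps)]
    if not no_new_privs:
        findings.append("no-new-privileges not set")
    return findings

# Constructed samples. 0x400 is NET_BIND_SERVICE alone, 0x4c3 is the dashboard
# list, and 0xa80425fb is Docker's default capability set (no cap_drop applied).
HARDENED = "Name:\ttraefik\nCapBnd:\t0000000000000400\nNoNewPrivs:\t1\n"
DASHBOARD = "Name:\tnginx\nCapBnd:\t00000000000004c3\nNoNewPrivs:\t1\n"
DEFAULT = "Name:\tserver\nCapBnd:\t00000000a80425fb\nNoNewPrivs:\t0\n"

if __name__ == "__main__":
    for service, text in (("traefik", HARDENED), ("dashboard", DASHBOARD),
                          ("server", DEFAULT)):
        print(service, audit(service, text) or "OK")
```

The check reads the bounding set rather than `CapEff` because a process running as a non-root user shows an empty effective set even when `cap_add` granted capabilities.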