LiquidCode/LiquidCode.Tester
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
roman
LiquidCode.Tester/compose.yaml
prixod bd2ed7716c fix privileges
2025-12-01 02:26:17 +04:00

55 lines
1.4 KiB
YAML
Raw Permalink Blame History

services:
gateway:
image: liquidcode-tester-gateway:latest
container_name: liquidcode-tester-gateway
build:
context: .
dockerfile: src/LiquidCode.Tester.Gateway/Dockerfile
ports:
- "8080:8080"
environment:
- ASPNETCORE_ENVIRONMENT=Development
- Workers__Cpp=http://worker:8080
- Workers__Java=http://worker:8080
- Workers__Kotlin=http://worker:8080
- Workers__CSharp=http://worker:8080
- Workers__Python=http://worker:8080
networks:
- liquidcode-network
depends_on:
- worker
# Security hardening for Gateway
security_opt:
- no-new-privileges:true
cap_drop:
- ALL
worker:
image: liquidcode-tester-worker:latest
privileged: true
container_name: liquidcode-tester-worker
build:
context: .
dockerfile: src/LiquidCode.Tester.Worker/Dockerfile
ports:
- "8081:8080"
environment:
- ASPNETCORE_ENVIRONMENT=Development
networks:
- liquidcode-network
# Mount cgroup for Isolate sandbox
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:rw
# Temporary filesystem for compilation and testing
tmpfs:
- /tmp:exec,size=4G
# Resource limits to prevent DoS
ulimits:
nproc: 1024 # Max processes
nofile: 2048 # Max open files
networks:
liquidcode-network:
driver: bridge
Reference in New Issue View Git Blame Copy Permalink