A simple selfhosted URL shortener with no unnecessary features. Simplicity and speed are the main foci of this project. The docker image is ~6 MB (compressed), and it uses <5 MB of RAM under regular use.
A simple selfhosted URL shortener with no unnecessary features. Simplicity and speed are the main foci of this project. The docker image is ~6 MB (compressed), and it uses <5 MB of RAM under regular use.
I try to slap anything I’d face the Internet with with the read_only to further restrict exploit possibilities, would be abs great if you could make it work! I just follow all reqs on the security cheat sheet, with
read_onlybeing one of them: https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.htmlWith how simple it is I guessed that running as a
userand restrictingcap_drop: allwouldn’t be a problem.For
read_onlymany containers just needtmpfs: /tmpin addition to the volume for the db. I think many containers just try to contain temporary file writing to one directory to make applyingread_onlyeasier.So again, I’d abs use it with
read_onlywhen you get the time to tune it!!