From c13845aec388ddc8108500fde934281f30fdf18e Mon Sep 17 00:00:00 2001
From: Michael Grote <michael.grote@posteo.de>
Date: Fri, 3 Jan 2025 13:53:33 +0100
Subject: [PATCH] traefik: set no-new-privileges=true

---
 docker-compose/traefik/docker-compose.yml.j2 | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docker-compose/traefik/docker-compose.yml.j2 b/docker-compose/traefik/docker-compose.yml.j2
index 162ca8db..b2f61d3d 100644
--- a/docker-compose/traefik/docker-compose.yml.j2
+++ b/docker-compose/traefik/docker-compose.yml.j2
@@ -7,6 +7,8 @@ services:
     image: "traefik:v3.2.3"
     restart: unless-stopped
     pull_policy: missing
+    security_opt:
+      - no-new-privileges=true
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock:ro
       - ./traefik.yml:/etc/traefik/traefik.yml