关于doc里docker默认配置的问题 #1107
scorebook999
started this conversation in
Ideas
关于doc里docker默认配置的问题
#1107
Replies: 1 comment 2 replies
-
|
为什么我通过docker-compose 部署 提示我 core 核心不存在== |
Beta Was this translation helpful? Give feedback.
2 replies
-
|
你是不是用了这个环境变量V2RAYA_V2RAY_BIN |
Beta Was this translation helpful? Give feedback.
-
|
谢了老哥,确实是因为这个环境变量的问题,不指定采取默认配置就没有问题了 |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
doc里的默认配置带了--privileged,给了容器root权限,是不是有些不太安全啊?我测试了一下macvlan,
docker run -d --name v2raya
--cap-drop=ALL
--cap-add=NET_ADMIN
--cap-add=NET_RAW
-e V2RAYA_ADDRESS=0.0.0.0:2017
-v /V2RayA/resolv.conf:/etc/resolv.conf
-v /V2RayA/v2raya:/etc/v2raya
--mac-address=xx-xx-xx-xx-xx-xx
--network=xxx
--ip=192.168.xxx.xxx
--restart=always
mzz2017/v2raya:latest;
这样的配置完全可以正常运行,完全不需要root,cap-drop=ALL甚至还能drop掉很多用不上的权限,建议大佬把这个privileged给删了,换成--cap-add=NET_ADMIN和--cap-add=NET_RAW。
Beta Was this translation helpful? Give feedback.
All reactions