mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2026-03-24 13:32:37 +01:00
350588f080
Convert ulimits from flat strings to structured dicts with name, soft, and hard fields for better UI experience. Add default_ulimits as a configurable setting that dynamically renders into daemon.json, giving two layers of control: global defaults via the daemon and per-container overrides.
100 lines
3.2 KiB
YAML
100 lines
3.2 KiB
YAML
docker:
|
|
gateway:
|
|
description: Gateway for the default docker interface.
|
|
helpLink: docker.html
|
|
advanced: True
|
|
range:
|
|
description: Default docker IP range for containers.
|
|
helpLink: docker.html
|
|
advanced: True
|
|
default_ulimits:
|
|
description: Default ulimit settings applied to all containers via the Docker daemon. Each entry specifies a resource name (e.g. nofile, memlock, core, nproc) with soft and hard limits. Individual container ulimits override these defaults.
|
|
advanced: True
|
|
helpLink: docker.html
|
|
forcedType: "[]{}"
|
|
syntax: json
|
|
uiElements:
|
|
- field: name
|
|
label: Resource Name
|
|
required: True
|
|
- field: soft
|
|
label: Soft Limit
|
|
forcedType: int
|
|
- field: hard
|
|
label: Hard Limit
|
|
forcedType: int
|
|
containers:
|
|
so-dockerregistry: &dockerOptions
|
|
final_octet:
|
|
description: Last octet of the container IP address.
|
|
helpLink: docker.html
|
|
readonly: True
|
|
advanced: True
|
|
global: True
|
|
port_bindings:
|
|
description: List of port bindings for the container.
|
|
helpLink: docker.html
|
|
advanced: True
|
|
multiline: True
|
|
forcedType: "[]string"
|
|
custom_bind_mounts:
|
|
description: List of custom local volume bindings.
|
|
advanced: True
|
|
helpLink: docker.html
|
|
multiline: True
|
|
forcedType: "[]string"
|
|
extra_hosts:
|
|
description: List of additional host entries for the container.
|
|
advanced: True
|
|
helpLink: docker.html
|
|
multiline: True
|
|
forcedType: "[]string"
|
|
extra_env:
|
|
description: List of additional ENV entries for the container.
|
|
advanced: True
|
|
helpLink: docker.html
|
|
multiline: True
|
|
forcedType: "[]string"
|
|
ulimits:
|
|
description: Ulimit settings for the container. Each entry specifies a resource name (e.g. nofile, memlock, core, nproc) with optional soft and hard limits.
|
|
advanced: True
|
|
helpLink: docker.html
|
|
forcedType: "[]{}"
|
|
syntax: json
|
|
uiElements:
|
|
- field: name
|
|
label: Resource Name
|
|
required: True
|
|
- field: soft
|
|
label: Soft Limit
|
|
forcedType: int
|
|
- field: hard
|
|
label: Hard Limit
|
|
forcedType: int
|
|
so-elastic-fleet: *dockerOptions
|
|
so-elasticsearch: *dockerOptions
|
|
so-influxdb: *dockerOptions
|
|
so-kibana: *dockerOptions
|
|
so-kratos: *dockerOptions
|
|
so-hydra: *dockerOptions
|
|
so-logstash: *dockerOptions
|
|
so-nginx: *dockerOptions
|
|
so-nginx-fleet-node: *dockerOptions
|
|
so-redis: *dockerOptions
|
|
so-sensoroni: *dockerOptions
|
|
so-soc: *dockerOptions
|
|
so-strelka-backend: *dockerOptions
|
|
so-strelka-filestream: *dockerOptions
|
|
so-strelka-frontend: *dockerOptions
|
|
so-strelka-manager: *dockerOptions
|
|
so-strelka-gatekeeper: *dockerOptions
|
|
so-strelka-coordinator: *dockerOptions
|
|
so-elastalert: *dockerOptions
|
|
so-elastic-fleet-package-registry: *dockerOptions
|
|
so-idh: *dockerOptions
|
|
so-elastic-agent: *dockerOptions
|
|
so-telegraf: *dockerOptions
|
|
so-suricata: *dockerOptions
|
|
so-zeek: *dockerOptions
|
|
so-kafka: *dockerOptions
|