diff --git a/apps/overlays/au-syd1/traefik-system/values-external.yaml b/apps/overlays/au-syd1/traefik-system/values-external.yaml index ea56707..bf8724e 100644 --- a/apps/overlays/au-syd1/traefik-system/values-external.yaml +++ b/apps/overlays/au-syd1/traefik-system/values-external.yaml @@ -82,4 +82,15 @@ podSecurityContext: seccompProfile: type: RuntimeDefault +securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: [ALL] + add: [NET_BIND_SERVICE] + readOnlyRootFilesystem: true + +ports: + websecure: + port: 443 + enabled: true diff --git a/apps/overlays/au-syd1/traefik-system/values-internal.yaml b/apps/overlays/au-syd1/traefik-system/values-internal.yaml index 172827e..5fc2de6 100644 --- a/apps/overlays/au-syd1/traefik-system/values-internal.yaml +++ b/apps/overlays/au-syd1/traefik-system/values-internal.yaml @@ -82,4 +82,15 @@ podSecurityContext: seccompProfile: type: RuntimeDefault +securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: [ALL] + add: [NET_BIND_SERVICE] + readOnlyRootFilesystem: true + +ports: + websecure: + port: 443 + enabled: true