diff --git a/apps/overlays/au-syd1/traefik-system/values-external.yaml b/apps/overlays/au-syd1/traefik-system/values-external.yaml index ea56707..950a35f 100644 --- a/apps/overlays/au-syd1/traefik-system/values-external.yaml +++ b/apps/overlays/au-syd1/traefik-system/values-external.yaml @@ -82,4 +82,17 @@ podSecurityContext: seccompProfile: type: RuntimeDefault +securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: [ALL] + add: [NET_BIND_SERVICE] + readOnlyRootFilesystem: true + +ports: + web: + port: 80 + websecure: + port: 443 + enabled: true diff --git a/apps/overlays/au-syd1/traefik-system/values-internal.yaml b/apps/overlays/au-syd1/traefik-system/values-internal.yaml index 172827e..3c28466 100644 --- a/apps/overlays/au-syd1/traefik-system/values-internal.yaml +++ b/apps/overlays/au-syd1/traefik-system/values-internal.yaml @@ -82,4 +82,17 @@ podSecurityContext: seccompProfile: type: RuntimeDefault +securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: [ALL] + add: [NET_BIND_SERVICE] + readOnlyRootFilesystem: true + +ports: + web: + port: 80 + websecure: + port: 443 + enabled: true