Add CAP_KILL capability and remove stop_grace_period

- Add KILL to cap_add for graceful shutdown with init systems (s6/s6-overlay) - Remove stop_grace_period (no longer needed with CAP_KILL) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-02 23:24:18 +00:00
parent aebe9ad2de
commit c9cdcfd6b3
1 changed files with 5 additions and 6 deletions
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -10,10 +10,11 @@ services:
    cap_drop:
      - ALL
    cap_add:
-      - CHOWN           # Config file ownership
-      - SETUID          # User switching in entrypoint
-      - SETGID          # Group switching in entrypoint
-      - DAC_OVERRIDE    # Permission override for config files
+      - KILL
+      - CHOWN
+      - SETUID
+      - SETGID
+      - DAC_OVERRIDE

    # Resource Limits
    deploy:
@@ -26,8 +27,6 @@ services:
          memory: 256M
          cpus: '0.25'

-    stop_grace_period: 15s
-
    # macvlan Network - HomeKit mDNS Discovery
    networks:
      docker_macvlan: