protect the docker socket better #7
Description
Currently, Traefik (and Portainer it it were running) has complete access to the docker socket which is equivalent to full root privileges on the host.
This is pretty bad for a load balancer that is user facing.
I'm not quite sure, if adding :ro to the socket mount does anything useful.
https://github.com/Tecnativa/docker-socket-proxy seems nice.