eightball/all-in-one
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-12-19 22:16:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

helm: add a default for RPSS_ENABLED

Browse source 
Signed-off-by: Simon L. <szaimen@e.mail.de>
This commit is contained in:
Simon L. 2024-11-26 11:01:47 +01:00
parent be08b618b9
commit 21b5842813
11 changed files with 30 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

8
nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml
View file

@ -23,7 +23,7 @@ spec:
labels:
io.kompose.service: nextcloud-aio-nextcloud
spec:
{{- if eq .Values.RPSS_ENABLED "yes" }} # AIO-config - do not change this comment!
{{- if eq .Values.RPSS_ENABLED "yes" | default "no" }} # AIO-config - do not change this comment!
securityContext:
# The items below only work in pod context
fsGroup: 33
@ -32,7 +32,7 @@ spec:
runAsUser: 33
runAsGroup: 33
runAsNonRoot: true
{{- if eq .Values.RPSS_ENABLED "yes" }}
{{- if eq .Values.RPSS_ENABLED "yes" | default "no" }}
seccompProfile:
type: RuntimeDefault
{{- end }}
@ -179,12 +179,12 @@ spec:
- name: WHITEBOARD_SECRET
value: "{{ .Values.WHITEBOARD_SECRET }}"
image: nextcloud/aio-nextcloud:20241125_091756
{{- if eq .Values.RPSS_ENABLED "yes" }} # AIO-config - do not change this comment!
{{- if eq .Values.RPSS_ENABLED "yes" | default "no" }} # AIO-config - do not change this comment!
securityContext:
# The items below only work in container context
allowPrivilegeEscalation: false
capabilities:
{{- if eq .Values.RPSS_ENABLED "yes" }}
{{- if eq .Values.RPSS_ENABLED "yes" | default "no" }}
drop: ["ALL"]
{{- else }}
drop: ["NET_RAW"]