eightball/all-in-one
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-12-19 22:16:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

helm: add additional security settings

Browse source 
Signed-off-by: Simon L. <szaimen@e.mail.de>
This commit is contained in:
Simon L. 2024-11-05 16:05:22 +01:00
parent 89739b26ed
commit b81ae86e8a
12 changed files with 29 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
nextcloud-aio-helm-chart/update-helm.sh
View file

@ -423,6 +423,13 @@ find ./ -name "*nextcloud-aio-elasticsearch-persistentvolumeclaim.yaml" -exec se
# shellcheck disable=SC1083
find ./ -name "*nextcloud-aio-elasticsearch-persistentvolumeclaim.yaml" -exec sed -i "$ a {{- end }}" \{} \;
cat << EOL >> /tmp/security.conf
allowPrivilegeEscalation: false
runAsNonRoot: true
EOL
# shellcheck disable=SC1083
find ./ \( -not -name '*nextcloud-deployment.yaml*' -not -name '*onlyoffice-deployment.yaml*' -name "*deployment.yaml" \) -exec sed -i "/^.*securityContext:$/r /tmp/security.conf" \{} \;
chmod 777 -R ./
# Seems like the dir needs to match the name of the chart