From 6f86317a4b2020d4cb6f8c80e5e8e02452e99ff8 Mon Sep 17 00:00:00 2001 From: nold Date: Fri, 2 Sep 2022 19:30:24 +0200 Subject: [PATCH] Fix(nextcloud): SecurityContext --- projects/nextcloud/values/nextcloud.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/projects/nextcloud/values/nextcloud.yaml b/projects/nextcloud/values/nextcloud.yaml index 7d81c542..5c5f4d04 100644 --- a/projects/nextcloud/values/nextcloud.yaml +++ b/projects/nextcloud/values/nextcloud.yaml @@ -36,6 +36,14 @@ nextcloud: runAsGroup: "33" runAsNonRoot: true readOnlyRootFilesystem: true + + extraVolumes: + - name: nginx-cache + emptyDir: {} + extraVolumeMounts: + - mountPath: /var/cache/nginx + name: nginx-cache + phpConfigs: memory_limit.conf: | php_admin_value[memory_limit] = 512M @@ -47,6 +55,14 @@ nextcloud: pm.max_spare_servers = 24 pm.max_requests = 1000 +# See: https://github.com/nextcloud/helm/issues/186 +securityContext: + runAsUser: 101 + runAsGroup: 101 + fsGroup: 101 + fsGroupChangePolicy: "OnRootMismatch" + runAsNonRoot: true + ingress: enabled: true labels: