home/kubernetes-deployments
2
0
Fork 0
Code Issues 3 Pull requests Projects Releases Packages Wiki Activity Actions

Run all nixng containers under particular user/group

Browse source
This commit is contained in:
Pim Kunis 2025-01-05 00:17:35 +01:00
parent fe960448c6
commit a22c34716e
10 changed files with 117 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

11
modules/media.nix
View file

@ -186,7 +186,8 @@
};
securityContext = {
fsGroup = 0;
# TODO: don't hardcode this
fsGroup = 409;
fsGroupChangePolicy = "OnRootMismatch";
};
};
@ -244,7 +245,7 @@
};
securityContext = {
fsGroup = 1000;
fsGroup = 410;
fsGroupChangePolicy = "OnRootMismatch";
};
};
@ -295,7 +296,7 @@
};
securityContext = {
fsGroup = 1000;
fsGroup = 413;
fsGroupChangePolicy = "OnRootMismatch";
};
};
@ -353,7 +354,7 @@
};
securityContext = {
fsGroup = 1000;
fsGroup = 411;
fsGroupChangePolicy = "OnRootMismatch";
};
};
@ -411,7 +412,7 @@
};
securityContext = {
fsGroup = 1000;
fsGroup = 412;
fsGroupChangePolicy = "OnRootMismatch";
};
};