diff --git a/docs/longhorn.md b/docs/longhorn.md index 787f05e..6b73bb9 100644 --- a/docs/longhorn.md +++ b/docs/longhorn.md @@ -1,5 +1,36 @@ # Longhorn notes +## Migration from NFS to Longhorn + +1. Delete the workload, and delete the PVC and PVC using NFS. +2. Create Longhorn volumes as described below. +3. Copy NFS data from lewis.dmz to local disk. +4. Spin up a temporary pod and mount the Longhorn volume(s) in it: + ```nix + { + pods.testje.spec = { + containers.testje = { + image = "nginx"; + + volumeMounts = [ + { + name = "uploads"; + mountPath = "/hedgedoc/public/uploads"; + } + ]; + }; + + volumes = { + uploads.persistentVolumeClaim.claimName = "hedgedoc-uploads"; + }; + }; + } + ``` +5. Use `kubectl cp` to copy the data from the local disk to the pod. +6. Delete the temporary pod. +7. Create the workload with updated volume mounts. +8. Delete the data from local disk. + ## Creation of new Longhorn volumes While it seems handy to use a K8s StorageClass for Longhorn, we do *not* want to use that. diff --git a/kubenix-modules/hedgedoc.nix b/kubenix-modules/hedgedoc.nix index cfa1e3d..459a36e 100644 --- a/kubenix-modules/hedgedoc.nix +++ b/kubenix-modules/hedgedoc.nix @@ -65,28 +65,16 @@ uploads.persistentVolumeClaim.claimName = "hedgedoc-uploads"; config.configMap.name = "hedgedoc-config"; }; + + securityContext = { + fsGroup = 65534; + fsGroupChangePolicy = "OnRootMismatch"; + }; }; }; }; }; - # pods.testje.spec = { - # containers.testje = { - # image = "nginx"; - - # volumeMounts = [ - # { - # name = "uploads"; - # mountPath = "/hedgedoc/public/uploads"; - # } - # ]; - # }; - - # volumes = { - # uploads.persistentVolumeClaim.claimName = "hedgedoc-uploads"; - # }; - # }; - services.hedgedoc.spec = { selector.app = "hedgedoc";