From 547906f00ad17d90c0498d08da0d61090764da50 Mon Sep 17 00:00:00 2001 From: Niklas Wagner Date: Sat, 24 Jun 2023 14:03:07 +0200 Subject: [PATCH] Possible fix for hostPath permissions --- .../generic-service/templates/deployment.yaml | 21 ++++++++++++++++++- crypto/monero-node/values.yaml | 12 +++-------- 2 files changed, 23 insertions(+), 10 deletions(-) diff --git a/.charts/generic-service/templates/deployment.yaml b/.charts/generic-service/templates/deployment.yaml index 5b3cc457..f370f05c 100644 --- a/.charts/generic-service/templates/deployment.yaml +++ b/.charts/generic-service/templates/deployment.yaml @@ -6,7 +6,7 @@ metadata: {{- include "generic-service.labels" . | nindent 4 }} spec: replicas: {{ .Values.replicas }} - revisionHistoryLimit: 3 + revisionHistoryLimit: 2 strategy: type: {{ .Values.strategyType }} selector: @@ -24,6 +24,25 @@ spec: serviceAccountName: {{ include "generic-service.name" . }} terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- if .Values.hostPaths }} + initContainers: + - name: prepare-storage + image: busybox:1.36.1 + securityContext: + allowPrivilegeEscalation: false + runAsUser: 0 + command: + - sh + - -c + {{- range .Values.hostPaths }} + - chmod -R 777 {{ .containerPath | quote }} + {{- end }} + volumeMounts: + {{- range .Values.hostPaths }} + - name: {{ .name }} + mountPath: {{ .containerPath | quote }} + {{- end }} + {{- end }} containers: - name: {{ include "generic-service.name" . }} securityContext: {{- toYaml .Values.securityContext | nindent 10 }} diff --git a/crypto/monero-node/values.yaml b/crypto/monero-node/values.yaml index 565eed71..99bedf0e 100644 --- a/crypto/monero-node/values.yaml +++ b/crypto/monero-node/values.yaml @@ -9,15 +9,12 @@ args: - "--no-igd" - "--no-zmq" +replicas: 0 + hostPaths: - name: data hostPath: /srv/nvme/scrap-data/monero - containerPath: /root/.bitmonero - -# pvcPaths: -# - name: data -# class: scrap-data -# path: /root/.bitmonero + containerPath: /home/monero/.bitmonero ports: - name: main @@ -28,6 +25,3 @@ ports: health: host: monero.wagner.gg path: "/get_info" - -securityContext: - runAsUser: 0