feat(vaultwarden): configure security context
All checks were successful
Renovate / renovate (push) Successful in 23s

This commit is contained in:
Peter 2024-05-07 17:43:21 +02:00
parent 73d2ff843d
commit a6c7b6f6d6
Signed by: prskr
GPG key ID: F56BED6903BC5E37

View file

@ -35,6 +35,12 @@ spec:
volumeMounts:
- name: data
mountPath: /data
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
@ -49,3 +55,8 @@ spec:
- name: data
persistentVolumeClaim:
claimName: vaultwarden-data
securityContext:
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
runAsNonRoot: true