From 884dc057eb26f0ae3ea32fbaf3f77737f062d2c7 Mon Sep 17 00:00:00 2001
From: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Date: Thu, 1 Feb 2024 10:19:56 +0200
Subject: [PATCH] home-assistant - make sure init config have access to update
 db url (#2112)

---
 library/ix-dev/charts/home-assistant/Chart.yaml              | 2 +-
 .../charts/home-assistant/templates/_configuration.tpl       | 2 ++
 .../charts/home-assistant/templates/_home-assistant.tpl      | 5 +++++
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/library/ix-dev/charts/home-assistant/Chart.yaml b/library/ix-dev/charts/home-assistant/Chart.yaml
index 2189c4a641..c6140f840d 100644
--- a/library/ix-dev/charts/home-assistant/Chart.yaml
+++ b/library/ix-dev/charts/home-assistant/Chart.yaml
@@ -3,7 +3,7 @@ description: Home Assistant is an open source home automation that puts local co
 annotations:
   title: Home Assistant
 type: application
-version: 2.0.3
+version: 2.0.4
 apiVersion: v2
 appVersion: 2024.1.5
 kubeVersion: '>=1.16.0-0'
diff --git a/library/ix-dev/charts/home-assistant/templates/_configuration.tpl b/library/ix-dev/charts/home-assistant/templates/_configuration.tpl
index 1c7e97d784..fc8f309449 100644
--- a/library/ix-dev/charts/home-assistant/templates/_configuration.tpl
+++ b/library/ix-dev/charts/home-assistant/templates/_configuration.tpl
@@ -71,6 +71,8 @@ secret:
         #!/bin/sh
         config="/config/configuration.yaml"
         default="/default/init"
+        // Attemp to get read/write access
+        chmod +rw "$config" || echo "Failed to set permissions on [$config]"
         if [ ! -f "$config" ]; then
           echo "File [$config] does NOT exist. Creating..."
           cp "$default/configuration.default" "$config"
diff --git a/library/ix-dev/charts/home-assistant/templates/_home-assistant.tpl b/library/ix-dev/charts/home-assistant/templates/_home-assistant.tpl
index 68d4b1e066..39ff6168ee 100644
--- a/library/ix-dev/charts/home-assistant/templates/_home-assistant.tpl
+++ b/library/ix-dev/charts/home-assistant/templates/_home-assistant.tpl
@@ -60,6 +60,11 @@ workload:
             runAsGroup: 0
             runAsNonRoot: false
             readOnlyRootFilesystem: false
+            capabilities:
+              add:
+                - CHOWN
+                - DAC_OVERRIDE
+                - FOWNER
           command: /default/init/script.sh
       {{- include "ix.v1.common.app.postgresWait" (dict "name" "postgres-wait"
                                                         "secretName" "postgres-creds") | nindent 8 }}