mirror of
https://github.com/truenas/charts.git
synced 2026-02-03 02:23:49 +08:00
33 lines
1.1 KiB
YAML
33 lines
1.1 KiB
YAML
runAsContext:
|
|
- userName: root
|
|
groupName: root
|
|
gid: 0
|
|
uid: 0
|
|
description: Nextcloud runs as root user.
|
|
- userName: root
|
|
groupName: root
|
|
gid: 999
|
|
uid: 999
|
|
description: Postgres runs as root user.
|
|
- userName: root
|
|
groupName: root
|
|
gid: 0
|
|
uid: 0
|
|
description: Nginx runs as root user. (Nginx only runs when certificate is provided)
|
|
capabilities:
|
|
- name: CHOWN
|
|
description: Nextcloud, Nginx and Postgres are able to chown files.
|
|
- name: FOWNER
|
|
description: Nextcloud, Nginx and Postgres are able to bypass permission checks for it's sub-processes.
|
|
- name: DAC_OVERRIDE
|
|
description: Nextcloud, Nginx and Postgres are able to bypass permission checks.
|
|
- name: SETGID
|
|
description: Nextcloud, Nginx and Postgres are able to set group ID for it's sub-processes.
|
|
- name: SETUID
|
|
description: Nextcloud, Nginx and Postgres are able to set user ID for it's sub-processes.
|
|
- name: NET_BIND_SERVICE
|
|
description: Nextcloud, Nginx and Postgres are able to bind to privileged ports.
|
|
- name: NET_RAW
|
|
description: Nextcloud, Nginx and Postgres are able to use raw sockets.
|
|
hostMounts: []
|