From feec123292d7adc6d2d217bd130e8c5cd93752e3 Mon Sep 17 00:00:00 2001 From: Simon L Date: Tue, 21 Nov 2023 12:00:51 +0100 Subject: [PATCH] fix clamav permissions Signed-off-by: Simon L --- nextcloud-aio-helm-chart/Chart.yaml | 2 +- .../nextcloud-aio-clamav-deployment.yaml | 16 +++++++++-- nextcloud-aio-helm-chart/update-helm.sh | 27 ++++++++++++++++--- 3 files changed, 39 insertions(+), 6 deletions(-) diff --git a/nextcloud-aio-helm-chart/Chart.yaml b/nextcloud-aio-helm-chart/Chart.yaml index a30ab34e..bc9659d6 100755 --- a/nextcloud-aio-helm-chart/Chart.yaml +++ b/nextcloud-aio-helm-chart/Chart.yaml @@ -1,6 +1,6 @@ name: nextcloud-aio-helm-chart description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose -version: 7.7.0-beta3 +version: 7.7.0-beta4 apiVersion: v2 keywords: - latest diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml index 40adf7d1..0d28c91d 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml @@ -24,11 +24,22 @@ spec: io.kompose.service: nextcloud-aio-clamav spec: initContainers: + - name: init-subpath + image: alpine + command: + - mkdir + - "-p" + - /nextcloud-aio-clamav/data + - /nextcloud-aio-clamav + volumeMounts: + - name: nextcloud-aio-clamav + mountPath: /nextcloud-aio-clamav - name: init-volumes image: alpine command: - - chmod - - "777" + - chown + - 100:100 + - "-R" - /nextcloud-aio-clamav volumeMounts: - name: nextcloud-aio-clamav @@ -46,6 +57,7 @@ spec: protocol: TCP volumeMounts: - mountPath: /var/lib/clamav + subPath: data name: nextcloud-aio-clamav volumes: - name: nextcloud-aio-clamav diff --git a/nextcloud-aio-helm-chart/update-helm.sh b/nextcloud-aio-helm-chart/update-helm.sh index 48f73505..b3525ece 100755 --- a/nextcloud-aio-helm-chart/update-helm.sh +++ b/nextcloud-aio-helm-chart/update-helm.sh @@ -81,15 +81,34 @@ cat << EOL > /tmp/initcontainers.database - "-R" volumeMountsInitContainer: EOL +cat << EOL > /tmp/initcontainers.clamav + initContainers: + - name: init-subpath + image: alpine + command: + - mkdir + - "-p" + - /nextcloud-aio-clamav/data + volumeMountsInitContainer: + - name: init-volumes + image: alpine + command: + - chown + - 100:100 + - "-R" + volumeMountsInitContainer: +EOL # shellcheck disable=SC1083 DEPLOYMENTS="$(find ./ -name '*deployment.yaml')" mapfile -t DEPLOYMENTS <<< "$DEPLOYMENTS" for variable in "${DEPLOYMENTS[@]}"; do if grep -q volumeMounts "$variable"; then - if ! echo "$variable" | grep -q database; then - sed -i "/^ spec:/r /tmp/initcontainers" "$variable" - else + if echo "$variable" | grep -q database; then sed -i "/^ spec:/r /tmp/initcontainers.database" "$variable" + elif echo "$variable" | grep -q clamav; then + sed -i "/^ spec:/r /tmp/initcontainers.clamav" "$variable" + else + sed -i "/^ spec:/r /tmp/initcontainers" "$variable" fi volumeNames="$(grep -A1 mountPath "$variable" | grep -v mountPath | sed 's|.*name: ||' | sed '/^--$/d')" mapfile -t volumeNames <<< "$volumeNames" @@ -101,6 +120,8 @@ for variable in "${DEPLOYMENTS[@]}"; do # Workaround for the database volume if [ "$volumeName" = nextcloud-aio-database ]; then sed -i "/mountPath: \/var\/lib\/postgresql\/data/a\ \ \ \ \ \ \ \ \ \ \ \ \ \ subPath: data" "$variable" + elif [ "$volumeName" = nextcloud-aio-clamav ]; then + sed -i "/mountPath: \/var\/lib\/clamav/a\ \ \ \ \ \ \ \ \ \ \ \ \ \ subPath: data" "$variable" fi fi