From c389fc43a453cde40527f8ceae972217dfdcfe60 Mon Sep 17 00:00:00 2001
From: alexlebens <alexanderlebens@gmail.com>
Date: Sun, 7 Jul 2024 17:24:46 -0500
Subject: [PATCH] change security context

---
 .../prowlarr/templates/replication-source.yaml         | 10 ++++++++++
 .../radarr5-4k/templates/replication-source.yaml       | 10 ++++++++++
 .../radarr5/templates/replication-source.yaml          | 10 ++++++++++
 .../readarr-books/templates/replication-source.yaml    | 10 ++++++++++
 .../sonarr4-4k/templates/replication-source.yaml       | 10 ++++++++++
 .../sonarr4/templates/replication-source.yaml          | 10 ++++++++++
 6 files changed, 60 insertions(+)

diff --git a/clusters/cl01tl/applications/prowlarr/templates/replication-source.yaml b/clusters/cl01tl/applications/prowlarr/templates/replication-source.yaml
index 3afaab27d..1e92b4536 100644
--- a/clusters/cl01tl/applications/prowlarr/templates/replication-source.yaml
+++ b/clusters/cl01tl/applications/prowlarr/templates/replication-source.yaml
@@ -22,6 +22,16 @@ spec:
       weekly: 3
       monthly: 2
       yearly: 4
+    moverSecurityContext:
+      runAsUser: 568
+      runAsGroup: 568
+      fsGroup: 568
+      fsGroupChangePolicy: OnRootMismatch
+      supplementalGroups:
+        - 44
+        - 100
+        - 109
+        - 65539
     copyMethod: Snapshot
     storageClassName: ceph-block
     volumeSnapshotClassName: ceph-blockpool-snapshot
diff --git a/clusters/cl01tl/applications/radarr5-4k/templates/replication-source.yaml b/clusters/cl01tl/applications/radarr5-4k/templates/replication-source.yaml
index d68827f8f..3e7c764cf 100644
--- a/clusters/cl01tl/applications/radarr5-4k/templates/replication-source.yaml
+++ b/clusters/cl01tl/applications/radarr5-4k/templates/replication-source.yaml
@@ -22,6 +22,16 @@ spec:
       weekly: 3
       monthly: 2
       yearly: 4
+    moverSecurityContext:
+      runAsUser: 568
+      runAsGroup: 568
+      fsGroup: 568
+      fsGroupChangePolicy: OnRootMismatch
+      supplementalGroups:
+        - 44
+        - 100
+        - 109
+        - 65539
     copyMethod: Snapshot
     storageClassName: ceph-block
     volumeSnapshotClassName: ceph-blockpool-snapshot
diff --git a/clusters/cl01tl/applications/radarr5/templates/replication-source.yaml b/clusters/cl01tl/applications/radarr5/templates/replication-source.yaml
index f85e063e7..ab2e8de2d 100644
--- a/clusters/cl01tl/applications/radarr5/templates/replication-source.yaml
+++ b/clusters/cl01tl/applications/radarr5/templates/replication-source.yaml
@@ -22,6 +22,16 @@ spec:
       weekly: 3
       monthly: 2
       yearly: 4
+    moverSecurityContext:
+      runAsUser: 568
+      runAsGroup: 568
+      fsGroup: 568
+      fsGroupChangePolicy: OnRootMismatch
+      supplementalGroups:
+        - 44
+        - 100
+        - 109
+        - 65539
     copyMethod: Snapshot
     storageClassName: ceph-block
     volumeSnapshotClassName: ceph-blockpool-snapshot
diff --git a/clusters/cl01tl/applications/readarr-books/templates/replication-source.yaml b/clusters/cl01tl/applications/readarr-books/templates/replication-source.yaml
index 474d39d2a..213df8e03 100644
--- a/clusters/cl01tl/applications/readarr-books/templates/replication-source.yaml
+++ b/clusters/cl01tl/applications/readarr-books/templates/replication-source.yaml
@@ -22,6 +22,16 @@ spec:
       weekly: 3
       monthly: 2
       yearly: 4
+    moverSecurityContext:
+      runAsUser: 568
+      runAsGroup: 568
+      fsGroup: 568
+      fsGroupChangePolicy: OnRootMismatch
+      supplementalGroups:
+        - 44
+        - 100
+        - 109
+        - 65539
     copyMethod: Snapshot
     storageClassName: ceph-block
     volumeSnapshotClassName: ceph-blockpool-snapshot
diff --git a/clusters/cl01tl/applications/sonarr4-4k/templates/replication-source.yaml b/clusters/cl01tl/applications/sonarr4-4k/templates/replication-source.yaml
index 0fce10704..0a84c41eb 100644
--- a/clusters/cl01tl/applications/sonarr4-4k/templates/replication-source.yaml
+++ b/clusters/cl01tl/applications/sonarr4-4k/templates/replication-source.yaml
@@ -22,6 +22,16 @@ spec:
       weekly: 3
       monthly: 2
       yearly: 4
+    moverSecurityContext:
+      runAsUser: 568
+      runAsGroup: 568
+      fsGroup: 568
+      fsGroupChangePolicy: OnRootMismatch
+      supplementalGroups:
+        - 44
+        - 100
+        - 109
+        - 65539
     copyMethod: Snapshot
     storageClassName: ceph-block
     volumeSnapshotClassName: ceph-blockpool-snapshot
diff --git a/clusters/cl01tl/applications/sonarr4/templates/replication-source.yaml b/clusters/cl01tl/applications/sonarr4/templates/replication-source.yaml
index 5aba833bb..1c0f28304 100644
--- a/clusters/cl01tl/applications/sonarr4/templates/replication-source.yaml
+++ b/clusters/cl01tl/applications/sonarr4/templates/replication-source.yaml
@@ -22,6 +22,16 @@ spec:
       weekly: 3
       monthly: 2
       yearly: 4
+    moverSecurityContext:
+      runAsUser: 568
+      runAsGroup: 568
+      fsGroup: 568
+      fsGroupChangePolicy: OnRootMismatch
+      supplementalGroups:
+        - 44
+        - 100
+        - 109
+        - 65539
     copyMethod: Snapshot
     storageClassName: ceph-block
     volumeSnapshotClassName: ceph-blockpool-snapshot