From 4498c4a0f29215d10c45663f6aa2edda481c25f4 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Wed, 26 Jul 2023 01:48:08 +0200
Subject: [PATCH] fix(tor): Adjust deployment to be functional

---
 apps/k8s01/tor/deployment.yaml | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/apps/k8s01/tor/deployment.yaml b/apps/k8s01/tor/deployment.yaml
index 07909a560..888c93c0f 100644
--- a/apps/k8s01/tor/deployment.yaml
+++ b/apps/k8s01/tor/deployment.yaml
@@ -4,6 +4,7 @@ metadata:
   labels:
     app.kubernetes.io/name: tor
   name: tor
+  namespace: tor
 spec:
   replicas: 2
   selector:
@@ -14,6 +15,10 @@ spec:
       labels:
         app.kubernetes.io/name: tor
     spec:
+      securityContext:
+        runAsUser: 101
+        runAsGroup: 101
+        fsGroup: 101
       topologySpreadConstraints:
         - maxSkew: 1
           topologyKey: kubernetes.io/hostname
@@ -43,9 +48,20 @@ spec:
             cpu: "1"
             memory: 512Mi
         securityContext:
-          runAsUser: 101
-          runAsGroup: 101
           readOnlyRootFilesystem: true
           runAsNonRoot: true
           allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+              - ALL
+          seccompProfile:
+            type: RuntimeDefault
+        volumeMounts:
+          - name: home
+            mountPath: /var/lib/tor/
+      volumes:
+        - name: home
+          emptyDir:
+            medium: Memory
+            sizeLimit: 128Mi
 
-- 
GitLab