From 77fda07aa66b67669ac44f66118b5519796ab31d Mon Sep 17 00:00:00 2001
From: technofab <admin@technofab.de>
Date: Tue, 7 May 2024 20:18:50 +0200
Subject: [PATCH] fix(nix-kubernetes): chown manually and remove fsGroup

---
 nix-kubernetes/kubernetes.nix | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/nix-kubernetes/kubernetes.nix b/nix-kubernetes/kubernetes.nix
index 1c5cc30..128abba 100644
--- a/nix-kubernetes/kubernetes.nix
+++ b/nix-kubernetes/kubernetes.nix
@@ -30,6 +30,29 @@
           };
         };
         init_container = [
+          {
+            name = "chown";
+            image = "alpine:3";
+            command = ["chown" "1000:1000" "/mnt/nix" "/mnt/tmp" "/mnt/home"];
+            security_context.run_as_user = "0";
+            volume_mount = [
+              {
+                mount_path = "/mnt/home";
+                name = "home";
+                read_only = false;
+              }
+              {
+                mount_path = "/mnt/nix";
+                name = "nix-store";
+                read_only = false;
+              }
+              {
+                mount_path = "/mnt/tmp";
+                name = "tmp";
+                read_only = false;
+              }
+            ];
+          }
           {
             name = "copy-nix-store";
             image = "registry.gitlab.com/technofab/coder-templates/nix-coder-image:\${data.coder_parameter.image_tag.value}";
@@ -94,7 +117,6 @@
           }
         ];
         security_context = {
-          fs_group = 1000;
           run_as_user = 1000;
           run_as_group = 1000;
         };