deployment: Set permissions of pki secret volume

bekriebel · bekriebel · commit 550af42ab54d · 2017-12-28T11:08:48.000-08:00
The PKI folder should only be readable by root. Set the permissions to
0400.

This removes the following warnings from the logs:
  WARNING: file '/etc/openvpn/pki/private.key' is group or others accessible
  WARNING: file '/etc/openvpn/pki/ta.key' is group or others accessible
diff --git a/kube/deployment.yaml b/kube/deployment.yaml
@@ -59,6 +59,7 @@ spec:
       - name: openvpn-pki
         secret:
           secretName: openvpn-pki
+          defaultMode: 0400
       - name: openvpn-ccd
         configMap:
           name: openvpn-ccd
