Skip to content

Commit 550af42

Browse files
committed
deployment: Set permissions of pki secret volume
The PKI folder should only be readable by root. Set the permissions to 0400. This removes the following warnings from the logs: WARNING: file '/etc/openvpn/pki/private.key' is group or others accessible WARNING: file '/etc/openvpn/pki/ta.key' is group or others accessible
1 parent af2fa87 commit 550af42

File tree

1 file changed

+1
-0
lines changed

1 file changed

+1
-0
lines changed

kube/deployment.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -59,6 +59,7 @@ spec:
5959
- name: openvpn-pki
6060
secret:
6161
secretName: openvpn-pki
62+
defaultMode: 0400
6263
- name: openvpn-ccd
6364
configMap:
6465
name: openvpn-ccd

0 commit comments

Comments
 (0)