runAsContext:
  - userName: root
    groupName: root
    gid: 0
    uid: 0
    description: Nextcloud runs as root user.
  - userName: root
    groupName: root
    gid: 999
    uid: 999
    description: Postgres runs as root user.
  - userName: root
    groupName: root
    gid: 0
    uid: 0
    description: Nginx runs as root user. (Nginx only runs when certificate is provided)
capabilities:
  - name: CHOWN
    description: Nextcloud, Nginx and Postgres are able to chown files.
  - name: FOWNER
    description: Nextcloud, Nginx and Postgres are able to bypass permission checks for it's sub-processes.
  - name: DAC_OVERRIDE
    description: Nextcloud, Nginx and Postgres are able to bypass permission checks.
  - name: SETGID
    description: Nextcloud, Nginx and Postgres are able to set group ID for it's sub-processes.
  - name: SETUID
    description: Nextcloud, Nginx and Postgres are able to set user ID for it's sub-processes.
  - name: NET_BIND_SERVICE
    description: Nextcloud, Nginx and Postgres are able to bind to privileged ports.
  - name: NET_RAW
    description: Nextcloud, Nginx and Postgres are able to use raw sockets.
hostMounts: []