search

ChrisTerBeke / nomad-on-gcp

Terraform code to deploy Nomad on GCP
The Unlicense
2 stars 1 forks source link

Improve: run as non-root user #2

Closed ChrisTerBeke closed 5 months ago

ChrisTerBeke commented 5 months ago

Currently Nomad server runs as root user which is way too permissive. See https://developer.hashicorp.com/nomad/docs/operations/nomad-agent#permissions.

bschaatsbergen commented 5 months ago

Runs in COS, the systemd nomad exec service has a nomad user with docker group permissions