mm security context

argocd/apps/mattermost/mattermnost.yaml

@@ -22,7 +22,6 @@ spec:
             storageClass: "longhorn"
             size: 10Gi
 
-        # Service Name für Kompatibilität
         fullnameOverride: "mattermost-postgresql"
 
   destination:
@@ -73,6 +72,13 @@ spec:
           externalDriverType: "postgres"
           externalConnectionString: "mmdbuser:mmdbpwd@mattermost-postgresql:5432/mattermost?sslmode=disable&connect_timeout=10"
 
+        # WICHTIG: Security Context für korrekte Volume-Berechtigungen
+        # Mattermost läuft als UID 2000, GID 2000
+        securityContext:
+          fsGroup: 2000
+          runAsUser: 2000
+          runAsGroup: 2000
+
         # Ingress Konfiguration
         ingress:
           enabled: true
@@ -84,7 +90,7 @@ spec:
               secretName: mattermost-tls
           annotations:
             kubernetes.io/ingress.class: traefik
-            cert-manager.io/cluster-issuer: lets-encrypt
+            cert-manager.io/cluster-issuer: lets-encrypt-staging
 
   destination:
     server: 'https://kubernetes.default.svc'