eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
blumeops/argocd/manifests/prowler/pv-nfs.yaml
Erich Blume a97391177a Deploy Prowler CIS scanner as weekly CronJob on minikube-indri 
Custom slim container (no PowerShell/Trivy), NFS-backed reports
on sifaka:/volume1/reports/prowler/, ClusterRole with read-only
RBAC for Kubernetes CIS Benchmark v1.11 checks.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-24 15:00:48 -07:00

22 lines
665 B
YAML
Raw Blame History

# NFS PersistentVolume for Prowler compliance reports
# Requires: NFS share on sifaka at /volume1/reports with NFS permissions for indri
#
# To create on Synology:
# 1. Control Panel > Shared Folder > Create
# 2. Name: reports, Location: Volume 1
# 3. Control Panel > File Services > NFS > NFS Rules
# 4. Add rule for "reports" share: Hostname=indri, Privilege=Read/Write, Squash=No mapping
apiVersion: v1
kind: PersistentVolume
metadata:
name: prowler-reports-nfs-pv
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
storageClassName: ""
nfs:
server: sifaka
path: /volume1/reports/prowler
Reference in a new issue View git blame Copy permalink