updates...

homelab/applications/postgres/README.md

@@ -2,20 +2,26 @@
 ## Set up non-root user for container
 We are providing a non-root user to the container to limit the attack surface for privilege escalations. In order for this to work in our setup, please make sure to check if you have a user called `postgres` set up. 
 
-1. Check if user `postgres` exists and if the UID is 1002
+1. Check if user `postgres` exists
 
 ```
 cat /etc/passwd | grep postgres
 ```
-
-In case the `postgres` user exists but the UID is not 1002, please adjust it via 
+In case the `postgres` user doesn't exist, please create the user by running
 ```
-sudo usermod -u 1002 postgres
+sudo useradd postgres
+```
+2. `data` folder ownership
+Also you need to make sure that the `postgres` owner owns the volumes mounted for docker
+```
+sudo chown -R postgres:postgres data
+sudo chmod 770 data
 ```
 
-In case the `postgres` user doesn't exist at all, please create the user incl. the right UID by running
+3. Adjust compose.yml
+Within `services > postgres > user`, make sure to replare `postgres` with the UID of the user on your machine
 ```
-sudo useradd -u 1002 postgres
+cat /etc/passwd | grep postgres
 ```
 
 ## About secrets
@@ -25,4 +31,4 @@ In order to manage secrets centrally in 1Password and due to the need for secret
 Please use the `start.sh` to spin up the container
 ### Prerequisites start.sh
 - User executing the script is part of the `docker` group
-- Env variable `OP_SERVICE_ACCOUNT_TOKEN` is set up \[check out top-level README.md for more information on how to set this up\]
+- Environment variable `OP_SERVICE_ACCOUNT_TOKEN` is set up \[check out top-level README.md for more information on how to set this up\]