From f1a5f0caa5765d6c076226a799fe8d337b8bace8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christer=20War=C3=A9n?= <cwchristerw@gmail.com>
Date: Thu, 28 Aug 2025 12:43:16 +0300
Subject: [PATCH] Add NET_BIND_SERVICE capability to PowerDNS containers

---
 tasks/deployer.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tasks/deployer.yml b/tasks/deployer.yml
index e9a796b..ddfb259 100644
--- a/tasks/deployer.yml
+++ b/tasks/deployer.yml
@@ -363,6 +363,8 @@
     restart_policy: always
     volumes:
       - "/root/data/powerdns-authorative/config.conf:/etc/powerdns/pdns.conf:ro"
+    capabilities:
+      - NET_BIND_SERVICE
   when:
     - (deployerTaskPA1 is defined and deployerTaskPA1.changed) or deployerTaskPA1 is undefined or (deployerTaskPA2 is defined and deployerTaskPA2.changed) or deployerTaskPA2 is undefined
   tags:
@@ -421,6 +423,8 @@
     restart_policy: always
     volumes:
       - "/root/data/powerdns-recursor/config.conf:/etc/powerdns/recursor.conf:ro"
+    capabilities:
+      - NET_BIND_SERVICE
   when:
     - (deployerTaskPR1 is defined and deployerTaskPR1.changed) or deployerTaskPR1 is undefined or (deployerTaskPR2 is defined and deployerTaskPR2.changed) or deployerTaskPR2 is undefined
   tags: