diff options
| author | Sarah Brofeldt <sarah@qtr.dk> | 2019-12-02 20:22:50 +0100 |
|---|---|---|
| committer | Sarah Brofeldt <sarah@qtr.dk> | 2019-12-02 21:45:06 +0100 |
| commit | 1573102a8921e5d53dd4b65e2be36923c528158d (patch) | |
| tree | c8fbb3c2d8d8c35c99e9bcecee0005eb5b311b2b /nixos/modules | |
| parent | bb1013511e1e5edcf314df8321acf2f3c536df0d (diff) | |
| download | nixlib-1573102a8921e5d53dd4b65e2be36923c528158d.tar nixlib-1573102a8921e5d53dd4b65e2be36923c528158d.tar.gz nixlib-1573102a8921e5d53dd4b65e2be36923c528158d.tar.bz2 nixlib-1573102a8921e5d53dd4b65e2be36923c528158d.tar.lz nixlib-1573102a8921e5d53dd4b65e2be36923c528158d.tar.xz nixlib-1573102a8921e5d53dd4b65e2be36923c528158d.tar.zst nixlib-1573102a8921e5d53dd4b65e2be36923c528158d.zip | |
nixos/gitea: Fix startup
Diffstat (limited to 'nixos/modules')
| -rw-r--r-- | nixos/modules/services/misc/gitea.nix | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/nixos/modules/services/misc/gitea.nix b/nixos/modules/services/misc/gitea.nix index b6f4d88adbef..509a080ef017 100644 --- a/nixos/modules/services/misc/gitea.nix +++ b/nixos/modules/services/misc/gitea.nix @@ -396,9 +396,7 @@ in Restart = "always"; # Filesystem - ProtectSystem = "strict"; ProtectHome = true; - PrivateTmp = true; PrivateDevices = true; ProtectKernelTunables = true; ProtectKernelModules = true; @@ -413,7 +411,7 @@ in PrivateMounts = true; PrivateUsers = true; MemoryDenyWriteExecute = true; - SystemCallFilter = "~@chown @clock @cpu-emulation @debug @keyring @memlock @module @mount @obsolete @privileged @raw-io @reboot @resources @setuid @swap"; + SystemCallFilter = "~@clock @cpu-emulation @debug @keyring @memlock @module @mount @obsolete @raw-io @reboot @resources @setuid @swap"; SystemCallArchitectures = "native"; RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6"; }; |