Henry-Hiles/OOYE-module
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Try reducing scope of systemd services

Browse source
This commit is contained in:
Rory& 2025-01-12 06:34:30 +00:00
commit 045d6763d0
1 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

10
module.nix
View file

@ -172,11 +172,11 @@ in
ExecStart = lib.getExe config.services.matrix-ooye.package; ExecStart = lib.getExe config.services.matrix-ooye.package;
WorkingDirectory = "/var/lib/matrix-ooye"; WorkingDirectory = "/var/lib/matrix-ooye";
StateDirectory = "matrix-ooye"; StateDirectory = "matrix-ooye";
ProtectSystem = "strict"; #ProtectSystem = "strict";
ProtectHome = true; #ProtectHome = true;
PrivateTmp = true; #PrivateTmp = true;
NoNewPrivileges = true; #NoNewPrivileges = true;
PrivateDevices = true; #PrivateDevices = true;
Restart = "on-failure"; Restart = "on-failure";
DynamicUser = true; DynamicUser = true;
}; };