Henry-Hiles/OOYE-module
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Try reducing scope of systemd services

Browse source
This commit is contained in:
Rory& 2025-01-12 06:34:30 +00:00
commit 045d6763d0
1 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

10
module.nix
View file

@ -172,11 +172,11 @@ in
ExecStart = lib.getExe config.services.matrix-ooye.package;
WorkingDirectory = "/var/lib/matrix-ooye";
StateDirectory = "matrix-ooye";
ProtectSystem = "strict";
ProtectHome = true;
PrivateTmp = true;
NoNewPrivileges = true;
PrivateDevices = true;
#ProtectSystem = "strict";
#ProtectHome = true;
#PrivateTmp = true;
#NoNewPrivileges = true;
#PrivateDevices = true;
Restart = "on-failure";
DynamicUser = true;
};