SelfPrivacy/selfprivacy-nixos-infect
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect.git synced 2024-11-22 03:51:27 +00:00
Code Issues Projects Releases Wiki Activity

Fixed path for the SelfPrivacy API service

Browse source
This commit is contained in:
Illia Chub 2021-07-26 11:34:51 +03:00
parent b660f8a9c0
commit a74faa6bad
1 changed files with 3 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
nixos-infect Executable file → Normal file
View file

@ -207,6 +207,7 @@ EOF
users.users = {
virtualMail = {
isNormalUser = false;
isSystemUser = true;
};
};
@ -648,6 +649,7 @@ cat > /etc/nixos/api/api.nix << EOF
users.users."selfprivacy-api" = {
isNormalUser = false;
isSystemUser = true;
extraGroups = [ "opendkim" ];
};
users.groups."selfprivacy-api" = {
@ -712,18 +714,11 @@ in
environment = {
PYTHONUNBUFFERED = "1";
};
path = [ "/var/" "/var/dkim/" ];
path = [ "/var/" "/var/dkim/" pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal pkgs.config.nix.package.out ];
after = [ "network-online.target" ];
wantedBy = [ "network-online.target" ];
serviceConfig = {
User = "root";
PrivateDevices = "true";
ProtectKernelTunables = "true";
ProtectKernelModules = "true";
LockPersonality = "true";
RestrictRealtime = "true";
SystemCallFilter = "@system-service @network-io @signal";
SystemCallErrorNumber = "EPERM";
ExecStart = "\${selfprivacy-api}/bin/main.py";
Restart = "always";
RestartSec = "5";