diff options
author | Nathan van Doorn <nvd1234@gmail.com> | 2020-10-29 17:05:57 +0000 |
---|---|---|
committer | Nathan van Doorn <nvd1234@gmail.com> | 2020-11-30 13:36:19 +0000 |
commit | 12c3e0a4655418cf0cbd53fd0e00b9f9a664fd40 (patch) | |
tree | 274c8ce9a1754356d62b244e9bde26dd8dbc0aef /nixos/modules/services/development/hoogle.nix | |
parent | c5d33689da8a287ebe50a6d8e07a553e8aa4b316 (diff) |
nixos/services/hoogle use DynamicUser instead of nobody
I've also removed PrivateTmp = true because this is implied by dynamic user.
I've left ProtectHome = true because I believe this is stronger than
ProtectHome = "read-only" which DynamicUser implies.
Diffstat (limited to '')
-rw-r--r-- | nixos/modules/services/development/hoogle.nix | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/nixos/modules/services/development/hoogle.nix b/nixos/modules/services/development/hoogle.nix index 1a98f005602a..cbf13f027de2 100644 --- a/nixos/modules/services/development/hoogle.nix +++ b/nixos/modules/services/development/hoogle.nix @@ -61,10 +61,8 @@ in { Restart = "always"; ExecStart = ''${hoogleEnv}/bin/hoogle server --local --port ${toString cfg.port} --home ${cfg.home}''; - User = "nobody"; - Group = "nogroup"; + DynamicUser = true; - PrivateTmp = true; ProtectHome = true; RuntimeDirectory = "hoogle"; |