nixos/services/hoogle use DynamicUser instead of nobody

I've also removed PrivateTmp = true because this is implied by dynamic user. I've left ProtectHome = true because I believe this is stronger than ProtectHome = "read-only" which DynamicUser implies.
author: Nathan van Doorn <nvd1234@gmail.com> 2020-10-29 17:05:57 +0000
committer: Nathan van Doorn <nvd1234@gmail.com> 2020-11-30 13:36:19 +0000
commit: 12c3e0a4655418cf0cbd53fd0e00b9f9a664fd40 (patch)
tree: 274c8ce9a1754356d62b244e9bde26dd8dbc0aef /nixos/modules/services/development/hoogle.nix
parent: c5d33689da8a287ebe50a6d8e07a553e8aa4b316 (diff)
1 files changed, 1 insertions, 3 deletions
diff --git a/nixos/modules/services/development/hoogle.nix b/nixos/modules/services/development/hoogle.nix
index 1a98f005602a..cbf13f027de2 100644
--- a/nixos/modules/services/development/hoogle.nix
+++ b/nixos/modules/services/development/hoogle.nix
@@ -61,10 +61,8 @@ in {
         Restart = "always";
         ExecStart = ''${hoogleEnv}/bin/hoogle server --local --port ${toString cfg.port} --home ${cfg.home}'';
 
-        User = "nobody";
-        Group = "nogroup";
+        DynamicUser = true;
 
-        PrivateTmp = true;
         ProtectHome = true;
 
         RuntimeDirectory = "hoogle";
author	Nathan van Doorn <nvd1234@gmail.com>	2020-10-29 17:05:57 +0000
committer	Nathan van Doorn <nvd1234@gmail.com>	2020-11-30 13:36:19 +0000
commit	12c3e0a4655418cf0cbd53fd0e00b9f9a664fd40 (patch)
tree	274c8ce9a1754356d62b244e9bde26dd8dbc0aef /nixos/modules/services/development/hoogle.nix
parent	c5d33689da8a287ebe50a6d8e07a553e8aa4b316 (diff)