movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-14 06:00:33 +03:00
Code Activity

nixos/sslh: don't run as nogroup

Browse source 
See #55370
This commit is contained in:
Jörg Thalheim 2020-02-28 15:06:49 +00:00
parent 250daba4be
commit 9218a58964
No known key found for this signature in database
GPG key ID: 003F2096411B5F92
1 changed files with 2 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

9
nixos/modules/services/networking/sslh.nix
View file

@ -77,19 +77,14 @@ in
config = mkMerge [ config = mkMerge [
(mkIf cfg.enable { (mkIf cfg.enable {
users.users.${user} = {
description = "sslh daemon user";
isSystemUser = true;
};
systemd.services.sslh = { systemd.services.sslh = {
description = "Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)"; description = "Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)";
after = [ "network.target" ]; after = [ "network.target" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
serviceConfig = { serviceConfig = {
User = user; DynamicUser = true;
Group = "nogroup"; User = "sslh";
PermissionsStartOnly = true; PermissionsStartOnly = true;
Restart = "always"; Restart = "always";
RestartSec = "1s"; RestartSec = "1s";