nyancat/flake
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

tyo0/ntfy: fine grain unix socket permission

Browse source
This commit is contained in:
Guanran Wang 2024-09-30 23:45:38 +08:00
parent d472b07cff
commit b1e15b64ff
Signed by: nyancat
GPG key ID: 91F97D9ED12639CF
2 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
hosts/aws/tyo0/default.nix
View file

@ -63,7 +63,10 @@
listen = [ ":443" ]; listen = [ ":443" ];
}; };
systemd.services."caddy".serviceConfig.SupplementaryGroups = [ "forgejo" ]; systemd.services."caddy".serviceConfig.SupplementaryGroups = [
"forgejo"
"ntfy-sh"
];
services.caddy.settings.apps.http.servers.srv0.routes = [ services.caddy.settings.apps.http.servers.srv0.routes = [
{ {

2
hosts/aws/tyo0/services/ntfy.nix
View file

@ -6,7 +6,7 @@
base-url = "https://ntfy.ny4.dev"; base-url = "https://ntfy.ny4.dev";
listen-http = ""; listen-http = "";
listen-unix = "/run/ntfy-sh/ntfy.sock"; listen-unix = "/run/ntfy-sh/ntfy.sock";
listen-unix-mode = 511; # 0777 listen-unix-mode = 432; # 0660
behind-proxy = true; behind-proxy = true;
}; };
}; };