robin/rss-webhook-trigger
1
0
Fork 0
mirror of https://codeberg.org/icewind/rss-webhook-trigger.git synced 2026-06-03 18:04:09 +02:00
Code Issues Projects Releases Wiki Activity

strict

Browse source
This commit is contained in:
Robin Appelman 2022-07-17 15:13:02 +02:00
commit 6a89a5d3b5
1 changed files with 1 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

3
flake.nix
View file

@ -84,7 +84,7 @@
Restart = "on-failure";
DynamicUser = true;
PrivateTmp = true;
ProtectSystem = "full";
ProtectSystem = "strict";
ProtectHome = true;
NoNewPrivileges = true;
PrivateDevices = true;
@ -102,7 +102,6 @@
RestrictAddressFamilies = "AF_INET AF_INET6";
RestrictRealtime = true;
ProtectProc = "noaccess";
PrivateUsers = true;
SystemCallFilter = ["@system-service" "~@resources" "~@privileged"];
IPAddressDeny = "localhost link-local multicast";
};