robin/ugc-scaper
1
0
Fork 0
mirror of https://codeberg.org/icewind/ugc-scaper.git synced 2026-06-03 10:14:11 +02:00
Code Issues Projects Releases Packages Wiki Activity

flake rework

Browse source
This commit is contained in:
Robin Appelman 2024-11-08 23:14:56 +01:00
commit 2e3ef9dfd3
11 changed files with 718 additions and 566 deletions
Download patch file Download diff file Expand all files Collapse all files

22
module.nix
View file

@ -1,12 +1,12 @@
{
config,
lib,
pkgs,
...
{ config
, lib
, pkgs
, ...
}:
with lib; let
cfg = config.services.ugc-api-server;
in {
in
{
options.services.ugc-api-server = {
enable = mkEnableOption "ugc api server";
@ -30,12 +30,12 @@ in {
config = mkIf cfg.enable {
systemd.services."ugc-api-server" = {
wantedBy = ["multi-user.target"];
after = ["network-online.target"];
wants = ["network-online.target"];
wantedBy = [ "multi-user.target" ];
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
environment = {
RUST_LOG = cfg.logLevel;
PORT = toString cfg.port;
PORT = toString cfg.port;
};
serviceConfig = {
@ -61,7 +61,7 @@ in {
RestrictAddressFamilies = "AF_INET AF_INET6";
RestrictRealtime = true;
ProtectProc = "noaccess";
SystemCallFilter = ["@system-service" "~@resources" "~@privileged"];
SystemCallFilter = [ "@system-service" "~@resources" "~@privileged" ];
PrivateUsers = true;
ProcSubset = "pid";
};