b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge pull request #188771 from K900/vaultwarden-permissions

Browse source 
nixos/vaultwarden: protect the default data directory more
This commit is contained in:
K900 2022-08-30 09:41:15 +03:00 committed by GitHub
parent 70d6e6063b a7bfb90ea8
commit fcea1ef75f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
nixos/modules/services/security/vaultwarden/default.nix
View file

@ -196,6 +196,7 @@ ADMIN_TOKEN=...copy-paste a unique generated secret token here...
ProtectSystem = "strict";
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
StateDirectory = "bitwarden_rs";
StateDirectoryMode = "0700";
};
wantedBy = [ "multi-user.target" ];
};