fix: Allow matrix-appservice-irc to chown things

@chown is part of @privileged. It is used by sed which is used to manage the
registration.yaml
This commit is contained in:
Akshay Mankar 2023-12-02 17:22:28 +01:00
parent becaa9d649
commit 75270321d5
Signed by untrusted user: axeman
GPG key ID: CA08F3AB62369B89

View file

@ -1,5 +1,10 @@
{lib, ...}: {pkgs, lib, ...}:
{ {
systemd.services.matrix-appservice-irc.serviceConfig.SystemCallFilter = lib.mkForce [
"@system-service @pkey"
"~@privileged @resources"
"@chown"
];
services.matrix-appservice-irc = { services.matrix-appservice-irc = {
enable = true; enable = true;
localpart = "irc_bot"; localpart = "irc_bot";