foodogsquared/nixos-config
1
0
Fork 0
mirror of https://github.com/foo-dogsquared/nixos-config.git synced 2025-02-07 12:19:07 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

services/yt-dlp: harden the service

Browse Source
This commit is contained in:
Gabriel Arazas 2022-04-17 00:18:03 +08:00
parent 10b3d01424
commit 560e296532
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
modules/nixos/services/yt-dlp.nix
View File

@ -126,6 +126,14 @@ in {
} ${lib.escapeShellArgs value.urls}
'';
startAt = value.startAt;
serviceConfig = {
NoNewPrivileges = true;
PrivateTmp = true;
ProtectControlGroup = true;
ProtectClock = true;
ProtectKernelModule = true;
ProtectKernelLogs = true;
};
}) cfg.jobs;
};
}