From a2ab1f09a8eaf4d34a505db7cf9c5570a1890910 Mon Sep 17 00:00:00 2001
From: Gabriel Arazas <foodogsquared@foodogsquared.one>
Date: Thu, 20 Jul 2023 10:42:43 +0800
Subject: [PATCH] hosts/plover: fix Vaultwarden hardened service

---
 hosts/plover/modules/services/vaultwarden.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hosts/plover/modules/services/vaultwarden.nix b/hosts/plover/modules/services/vaultwarden.nix
index 7473198a..3a06b6f5 100644
--- a/hosts/plover/modules/services/vaultwarden.nix
+++ b/hosts/plover/modules/services/vaultwarden.nix
@@ -108,7 +108,7 @@ in
       # Restricting what capabilities it has access to which it
       # has none.
       CapabilityBoundingSet = [ "" ];
-      AmbientCapability = [ "" ];
+      AmbientCapabilities = lib.mkForce [ "" ];
 
       # Restrict what address families this service can interact
       # with. Since it is a web service, we expect it will only