nixos/miniflux: allow members of miniflux group to read runtime directory

Otherwise a proxy server that has the miniflux group cannot read files in the runtime directory like a socket miniflux can listen on.
author: Sandro <sandro.jaeckel@gmail.com> 2024-01-05 15:01:04 +0100
committer: GitHub <noreply@github.com> 2024-01-05 15:01:04 +0100
commit: 9272b8ef79160cf127bb8497c02cec4a8b014ed4 (patch)
tree: fdf93371a1ccc1ff7a920351a77b9fd70a7f0d20 /nixos
parent: 0db936b01882539db64155b4c7a2b2ba431592ba (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/services/web-apps/miniflux.nix b/nixos/modules/services/web-apps/miniflux.nix
index a500008fc7925..284809831cd44 100644
--- a/nixos/modules/services/web-apps/miniflux.nix
+++ b/nixos/modules/services/web-apps/miniflux.nix
@@ -90,7 +90,7 @@ in
         User = "miniflux";
         DynamicUser = true;
         RuntimeDirectory = "miniflux";
-        RuntimeDirectoryMode = "0700";
+        RuntimeDirectoryMode = "0750";
         EnvironmentFile = cfg.adminCredentialsFile;
         # Hardening
         CapabilityBoundingSet = [ "" ];
author	Sandro <sandro.jaeckel@gmail.com>	2024-01-05 15:01:04 +0100
committer	GitHub <noreply@github.com>	2024-01-05 15:01:04 +0100
commit	9272b8ef79160cf127bb8497c02cec4a8b014ed4 (patch)
tree	fdf93371a1ccc1ff7a920351a77b9fd70a7f0d20 /nixos
parent	0db936b01882539db64155b4c7a2b2ba431592ba (diff)