diff options
author | Sandro <sandro.jaeckel@gmail.com> | 2024-01-05 15:01:04 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-01-05 15:01:04 +0100 |
commit | 9272b8ef79160cf127bb8497c02cec4a8b014ed4 (patch) | |
tree | fdf93371a1ccc1ff7a920351a77b9fd70a7f0d20 /nixos | |
parent | 0db936b01882539db64155b4c7a2b2ba431592ba (diff) |
nixos/miniflux: allow members of miniflux group to read runtime directory
Otherwise a proxy server that has the miniflux group cannot read files in the runtime directory like a socket miniflux can listen on.
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/web-apps/miniflux.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/services/web-apps/miniflux.nix b/nixos/modules/services/web-apps/miniflux.nix index a500008fc7925..284809831cd44 100644 --- a/nixos/modules/services/web-apps/miniflux.nix +++ b/nixos/modules/services/web-apps/miniflux.nix @@ -90,7 +90,7 @@ in User = "miniflux"; DynamicUser = true; RuntimeDirectory = "miniflux"; - RuntimeDirectoryMode = "0700"; + RuntimeDirectoryMode = "0750"; EnvironmentFile = cfg.adminCredentialsFile; # Hardening CapabilityBoundingSet = [ "" ]; |