diff options
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/networking/netbird.nix | 5 | ||||
-rw-r--r-- | nixos/modules/services/security/authelia.nix | 2 |
2 files changed, 4 insertions, 3 deletions
diff --git a/nixos/modules/services/networking/netbird.nix b/nixos/modules/services/networking/netbird.nix index 5bd9e9ca61696..647c0ce3e6d1f 100644 --- a/nixos/modules/services/networking/netbird.nix +++ b/nixos/modules/services/networking/netbird.nix @@ -41,9 +41,10 @@ in { documentation = [ "https://netbird.io/docs/" ]; after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; + path = with pkgs; [ + openresolv + ]; serviceConfig = { - AmbientCapabilities = [ "CAP_NET_ADMIN" ]; - DynamicUser = true; Environment = [ "NB_CONFIG=/var/lib/netbird/config.json" "NB_LOG_FILE=console" diff --git a/nixos/modules/services/security/authelia.nix b/nixos/modules/services/security/authelia.nix index 143c441c7e153..28c5fd0a1df59 100644 --- a/nixos/modules/services/security/authelia.nix +++ b/nixos/modules/services/security/authelia.nix @@ -336,7 +336,7 @@ in ProtectProc = "noaccess"; ProtectSystem = "strict"; - RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; + RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ]; RestrictNamespaces = true; RestrictRealtime = true; RestrictSUIDSGID = true; |