From 9272b8ef79160cf127bb8497c02cec4a8b014ed4 Mon Sep 17 00:00:00 2001
From: Sandro <sandro.jaeckel@gmail.com>
Date: Fri, 5 Jan 2024 15:01:04 +0100
Subject: nixos/miniflux: allow members of miniflux group to read runtime
 directory

Otherwise a proxy server that has the miniflux group cannot read files in the runtime directory like a socket miniflux can listen on.
---
 nixos/modules/services/web-apps/miniflux.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'nixos')

diff --git a/nixos/modules/services/web-apps/miniflux.nix b/nixos/modules/services/web-apps/miniflux.nix
index a500008fc7925..284809831cd44 100644
--- a/nixos/modules/services/web-apps/miniflux.nix
+++ b/nixos/modules/services/web-apps/miniflux.nix
@@ -90,7 +90,7 @@ in
         User = "miniflux";
         DynamicUser = true;
         RuntimeDirectory = "miniflux";
-        RuntimeDirectoryMode = "0700";
+        RuntimeDirectoryMode = "0750";
         EnvironmentFile = cfg.adminCredentialsFile;
         # Hardening
         CapabilityBoundingSet = [ "" ];
-- 
cgit 1.4.1