commit ad88f1040e2556ba678afb33dac28387ddd3543a · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

privoxy service: additional isolation

Joachim Fasting 9 years ago ad88f104 54cea02d

options

unified split

Changed files

nixos

modules

services

networking

privoxy.nix

nixos/modules/services/networking/privoxy.nix

···

       100
       100
        
             after = [ "network.target" "nss-lookup.target" ];

     

       101
       101
        
             wantedBy = [ "multi-user.target" ];

     

       102
       102
        
             serviceConfig.ExecStart = "${privoxy}/sbin/privoxy --no-daemon --user ${privoxyUser} ${confFile}";

     

       103
       103
       +
       

     

       104
       104
       +
             serviceConfig.PrivateDevices = true;

     

       105
       105
       +
             serviceConfig.PrivateTmp = true;

     

       106
       106
       +
             serviceConfig.ProtectHome = true;

     

       107
       107
       +
             serviceConfig.ProtectSystem = "full";

     

       103
       108
        
           };

     

       104
       109
        
       

     

       105
       110
        
         };