JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #81297 from Mic92/sslh

Browse Source 
nixos/sslh: don't run as nogroup
This commit is contained in:
Jörg Thalheim 2020-03-01 12:18:09 +00:00 committed by GitHub
commit 1b92a08a71
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
nixos/modules/services/networking/sslh.nix
View File

@ -77,19 +77,14 @@ in
config = mkMerge [
(mkIf cfg.enable {
users.users.${user} = {
description = "sslh daemon user";
isSystemUser = true;
};
systemd.services.sslh = {
description = "Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = user;
Group = "nogroup";
DynamicUser = true;
User = "sslh";
PermissionsStartOnly = true;
Restart = "always";
RestartSec = "1s";