dadada/nix-config
dadada/nix-config
1
0
Fork 0
Code Issues 2 Pull requests 5 Projects Releases Packages Wiki Activity Actions

fix: allow forgejo to bind to tcp port 22

Browse source
This commit is contained in:
Tim Schubert 2024-07-04 23:12:12 +02:00
parent 7e464a5f26
commit 149a431301
Signed by: dadada
SSH key fingerprint: SHA256:bFAjFH3hR8zRBaJjzQDjc3o4jqoq5EZ87l+KXEjxIz0
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
nixos/modules/gitea.nix
View file

@ -74,6 +74,12 @@ in
vmOverCommit = true; vmOverCommit = true;
}; };
systemd.services.forgejo.serviceConfig = {
AmbientCapabilities = lib.mkForce "CAP_NET_BIND_SERVICE";
CapabilityBoundingSet = lib.mkForce "CAP_NET_BIND_SERVICE";
PrivateUsers = lib.mkForce false;
};
services.nginx.virtualHosts."git.${config.networking.domain}" = { services.nginx.virtualHosts."git.${config.networking.domain}" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;