tlaternet/tlaternet-server
1
0
Fork 0
Code Issues10 Pull requests Releases Activity

treewide: Start using nixpkgs-fmt formatting

Browse source
This commit is contained in:
Tristan Daniël Maat 2024-06-28 20:12:55 +02:00
parent 501c3466bc
commit fd138d45e6
Signed by: tlater
GPG key ID: 49670FD774E43268
29 changed files with 812 additions and 767 deletions
configuration/services
afvalcalendar.nix

17
configuration/services/afvalcalendar.nix
View file

@ -1,12 +1,11 @@
{
pkgs,
config,
...
{ pkgs
, config
, ...
}: {
systemd.services.afvalcalendar = {
description = "Enschede afvalcalendar -> ical converter";
wantedBy = ["multi-user.target"];
after = ["network.target"];
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
script = ''
${pkgs.local.afvalcalendar}/bin/afvalcalendar > /srv/afvalcalendar/afvalcalendar.ical
@ -26,14 +25,14 @@
ProtectKernelModules = true;
ProtectKernelLogs = true;
ProtectControlGroups = true;
RestrictAddressFamilies = ["AF_UNIX" "AF_INET" "AF_INET6"];
RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ];
RestrictNamespaces = true;
LockPersonality = true;
MemoryDenyWriteExecute = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallFilter = ["@system-service" "~@privileged @resources @setuid @keyring"];
SystemCallFilter = [ "@system-service" "~@privileged @resources @setuid @keyring" ];
Umask = 0002;
SupplementaryGroups = "afvalcalendar-hosting";
@ -50,7 +49,7 @@
root = "/srv/afvalcalendar";
};
users.groups.afvalcalendar-hosting = {};
users.groups.afvalcalendar-hosting = { };
systemd.tmpfiles.settings."10-afvalcalendar" = {
"/srv/afvalcalendar".d = {
user = "nginx";