nix/lib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[mc-clj] Remove limitations on systemd job.

Browse Source 
The service is failing to acquire a lock, might be related to the
restrictions. If so, I can start re-enabling them to see what did it.
This commit is contained in:
niten 2022-09-15 11:01:33 -07:00
parent 3d3eaa9cd7
commit ff1aa983bf
1 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
lib/fudo/minecraft-clj.nix
View File

@ -224,7 +224,7 @@ in {
cp -f ${props-file} ${stateDir}/server.properties cp -f ${props-file} ${stateDir}/server.properties
cp -f ${eula-file} ${stateDir}/eula.txt cp -f ${eula-file} ${stateDir}/eula.txt
mkdir -p ${stateDir}/plugins mkdir -p ${stateDir}/plugins
cp ${witchcraft-plugin} ${stateDir}/plugins/witchcraft-plugin.jar cp -f ${witchcraft-plugin} ${stateDir}/plugins/witchcraft-plugin.jar
chmod u+w ${stateDir}/server.properties chmod u+w ${stateDir}/server.properties
''; '';
@ -248,17 +248,17 @@ in {
in "${pkgs.papermc}/bin/minecraft-server ${flagStr}"; in "${pkgs.papermc}/bin/minecraft-server ${flagStr}";
Restart = "always"; Restart = "always";
NoNewPrivileges = true; # NoNewPrivileges = true;
PrivateTmp = true; # PrivateTmp = true;
PrivateDevices = true; # PrivateDevices = true;
ProtectSystem = "strict"; # ProtectSystem = "strict";
ProtectHome = true; # ProtectHome = true;
ProtectControlGroups = true; # ProtectControlGroups = true;
ProtectKernelModules = true; # ProtectKernelModules = true;
ProtectKernelTunables = true; # ProtectKernelTunables = true;
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; # RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
RestrictRealtime = true; # RestrictRealtime = true;
RestrictNamespaces = true; # RestrictNamespaces = true;
ReadWritePaths = [ cfg.state-directory ]; ReadWritePaths = [ cfg.state-directory ];
}; };
}) cfg.worlds; }) cfg.worlds;