public/PriceBot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Try removing some of the restrictions

Browse Source
This commit is contained in:
niten 2022-06-19 16:55:46 -07:00
parent c5f2a7cdde
commit 917f2e5a93
1 changed files with 12 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
module.nix
View File

@ -62,25 +62,24 @@ in {
environment = { environment = {
PRICEBOT_EXCHANGE_HOST = cfg.exchange-host; PRICEBOT_EXCHANGE_HOST = cfg.exchange-host;
PRICEBOT_BEBOT_URL = cfg.mattermost-url; PRICEBOT_BEBOT_URL = cfg.mattermost-url;
# PRICEBOT_BEBOT_AUTH_TOKEN_FILE = "%d/auth.token"; PRICEBOT_BEBOT_AUTH_TOKEN_FILE = "%d/auth.token";
PRICEBOT_BEBOT_CHANNEL_ID = opts.mattermost-channel-id; PRICEBOT_BEBOT_CHANNEL_ID = opts.mattermost-channel-id;
PRICEBOT_TARGET_CURRENCY = opts.currency; PRICEBOT_TARGET_CURRENCY = opts.currency;
PRICEBOT_NOTIFY_USER = opts.notify-user; PRICEBOT_NOTIFY_USER = opts.notify-user;
}; };
serviceConfig = { serviceConfig = {
ExecStart = ExecStart = "${pricebot}/bin/pricebot";
"${pricebot}/bin/pricebot \${CREDENTIALS_DIRECTORY}/auth.token";
DynamicUser = true; DynamicUser = true;
PrivateTmp = true; # PrivateTmp = true;
PrivateDevices = true; # PrivateDevices = true;
ProtectSystem = "strict"; # ProtectSystem = "strict";
ProtectControlGroups = true; # ProtectControlGroups = true;
ProtectKernelTunables = true; # ProtectKernelTunables = true;
ProtectKernelModules = true; # ProtectKernelModules = true;
ProtectHostname = true; # ProtectHostname = true;
ProtectHome = true; # ProtectHome = true;
ProtectClock = true; # ProtectClock = true;
ProtectKernelLogs = true; # ProtectKernelLogs = true;
Restart = "always"; Restart = "always";
StandardOutput = "journal"; StandardOutput = "journal";
}; };