Try adding BPF capability for credential-in-container support

2024-01-21 18:26:56 -08:00 · 2024-01-21 18:26:56 -08:00 · d91c7b7c98
parent e50930a4dc
commit d91c7b7c98
1 changed files with 4 additions and 1 deletions
--- a/lemmy-container.nix
+++ b/lemmy-container.nix
@ -25,7 +25,10 @@ let
            ];
            ports = [ "${toString cfg.port}:80" ];
            networks = [ "external_network" ];
-            capabilities.SYS_ADMIN = true;
+            capabilities = {
+              BPF = true;
+              SYS_ADMIN = true;
+            };
          };
          nixos = {
            useSystemd = true;