From 03ea3ba1ed5583146a57a553b64deba59c570708 Mon Sep 17 00:00:00 2001
From: Joe Hermaszewski <git@monoid.al>
Date: Tue, 20 Apr 2021 15:48:50 +0800
Subject: [PATCH] modules.matrix-appservice-irc: allow connecting to unix
 sockets

In order to connect to postgres sockets.

This took a while to track down :/
---
 nixos/modules/services/misc/matrix-appservice-irc.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/nixos/modules/services/misc/matrix-appservice-irc.nix b/nixos/modules/services/misc/matrix-appservice-irc.nix
index 63dc313ad10..a0a5973d30f 100644
--- a/nixos/modules/services/misc/matrix-appservice-irc.nix
+++ b/nixos/modules/services/misc/matrix-appservice-irc.nix
@@ -214,7 +214,8 @@ in {
         PrivateMounts = true;
         SystemCallFilter = "~@aio @clock @cpu-emulation @debug @keyring @memlock @module @mount @obsolete @raw-io @setuid @swap";
         SystemCallArchitectures = "native";
-        RestrictAddressFamilies = "AF_INET AF_INET6";
+        # AF_UNIX is required to connect to a postgres socket.
+        RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6";
       };
     };