From 3e50cbc48ac7ea020f2be3503520dd5426771056 Mon Sep 17 00:00:00 2001 From: Dmitry Voronin Date: Fri, 15 Nov 2024 08:20:33 +0300 Subject: [PATCH] Cloud: Fix systemd HARDENING AGAIN FFS. --- container/Cloud.nix | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/container/Cloud.nix b/container/Cloud.nix index 2fad85d7..00450839 100644 --- a/container/Cloud.nix +++ b/container/Cloud.nix @@ -75,6 +75,29 @@ in { ]; }; }; + + # HACK: This is required for TCP postgres connection. + systemd = { + services = { + nextcloud-setup = { + serviceConfig.PrivateNetwork = lib.mkForce false; + wantedBy = lib.mkForce [ ]; + }; + nextcloud-update-db = { + serviceConfig.PrivateNetwork = lib.mkForce false; + wantedBy = lib.mkForce [ ]; + }; + }; + timers.fixsystemd = { + timerConfig = { + OnBootSec = 5; + Unit = "nextcloud-setup.service"; + }; + wantedBy = [ + "timers.target" + ]; + }; + }; }; }; };