rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2025-04-25 16:08:30 +02:00
Code Issues Projects Releases Packages Wiki Activity

nuc: networking updates

Browse source
This commit is contained in:
Rouven Seifert 2024-05-13 11:59:14 +02:00
parent 77b3d974c5
commit d2353d8b59
4 changed files with 15 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

8
hosts/nuc/modules/torrent/default.nix
View file

@ -78,7 +78,7 @@ in
Group = cfg.user;
Restart = "always";
PrivateNetwork = true;
# PrivateNetwork = true;
NetworkNamespacePath = "/var/run/netns/torrent";
ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox --profile=${cfg.stateDir} --webui-port=${toString cfg.port}";
@ -88,9 +88,9 @@ in
# Avoid using nscd (leaks dns)
InaccessiblePaths = [ "/run/nscd" ];
# BindReadOnlyPaths = [
# "/etc/netns/mullvad/resolv.conf:/etc/resolv.conf"
# ];
BindReadOnlyPaths = [
"/etc/netns/torrent/resolv.conf:/etc/resolv.conf"
];
# systemd-analyze --no-pager security qbittorrent.service
CapabilityBoundingSet = null;