Toast/nix-stuff
1
0
Fork 0
Code Issues Pull requests Projects 1 Wiki Activity
nix-stuff/nixpkgs-patches/fix-endlessh-dns-resolution.patch
Toast c66d7c21da Flake: add nixpkgs pr
2025-01-09 11:17:28 +01:00

31 lines
1.2 KiB
Diff
Raw Blame History

From 99778e1bb590c984d91f39322e57d59220402c59 Mon Sep 17 00:00:00 2001
From: azahi <azat@bahawi.net>
Date: Wed, 8 Jan 2025 13:47:09 +0300
Subject: [PATCH] nixos/endlessh-go: fix DNS resolution
As suggested by toast003[1].
[1]: https://github.com/shizunge/endlessh-go/discussions/127#discussioncomment-11760912
---
nixos/modules/services/security/endlessh-go.nix | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/nixos/modules/services/security/endlessh-go.nix b/nixos/modules/services/security/endlessh-go.nix
index b8b51acc81d0e..5c69d412a7d3c 100644
--- a/nixos/modules/services/security/endlessh-go.nix
+++ b/nixos/modules/services/security/endlessh-go.nix
@@ -110,7 +110,13 @@ in
);
DynamicUser = true;
RootDirectory = rootDirectory;
- BindReadOnlyPaths = [ builtins.storeDir ];
+ BindReadOnlyPaths = [
+ builtins.storeDir
+ "-/etc/hosts"
+ "-/etc/localtime"
+ "-/etc/nsswitch.conf"
+ "-/etc/resolv.conf"
+ ];
InaccessiblePaths = [ "-+${rootDirectory}" ];
RuntimeDirectory = baseNameOf rootDirectory;
RuntimeDirectoryMode = "700";
Reference in a new issue View git blame Copy permalink