webindex & onion-chef: Run non-network-facing services in PrivateNetwork
This commit is contained in:
parent
7c70dd43ac
commit
3cd61506e0
@ -88,6 +88,7 @@ in {
|
||||
RemainAfterExit="yes";
|
||||
Restart = "on-failure";
|
||||
RestartSec = "10s";
|
||||
PrivateNetwork = "true"; # This service needs no network access
|
||||
} // (if cfg.enforceTor
|
||||
then nix-bitcoin-services.allowTor
|
||||
else nix-bitcoin-services.allowAnyIP
|
||||
|
@ -77,6 +77,7 @@ in {
|
||||
ExecStart = "${pkgs.bash}/bin/bash ${onion-chef-script}";
|
||||
Type = "oneshot";
|
||||
RemainAfterExit = true;
|
||||
PrivateNetwork = "true"; # This service needs no network access
|
||||
};
|
||||
};
|
||||
};
|
||||
|
Loading…
Reference in New Issue
Block a user