diff options
author | Martin Weinelt <mweinelt@users.noreply.github.com> | 2021-08-23 23:28:33 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-08-23 23:28:33 +0200 |
commit | 699b4f6fee7be59d3be4aeffbf36e76fe6be0011 (patch) | |
tree | 72fb5a562867326110451af789e57c1cedd79206 /nixos | |
parent | 8056e5c346c6ed3955d00fd165df35ac6aebdc67 (diff) | |
parent | fa80ed695b44e91cb69ea087ef614cbb1a310286 (diff) |
Merge pull request #135472 from em0lar/paperless-ng/postgresql
nixos/paperless-ng: allow using postgresql via a unix socket
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/misc/paperless-ng.nix | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/nixos/modules/services/misc/paperless-ng.nix b/nixos/modules/services/misc/paperless-ng.nix index 9eaf8fa8859c..0434b222d334 100644 --- a/nixos/modules/services/misc/paperless-ng.nix +++ b/nixos/modules/services/misc/paperless-ng.nix @@ -29,6 +29,7 @@ let "-/etc/nsswitch.conf" "-/etc/hosts" "-/etc/localtime" + "-/run/postgresql" ]; BindPaths = [ cfg.consumptionDir @@ -60,7 +61,7 @@ let ProtectKernelModules = true; ProtectKernelTunables = true; ProtectProc = "invisible"; - RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; + RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ]; RestrictNamespaces = true; RestrictRealtime = true; RestrictSUIDSGID = true; |