mirror of
https://github.com/SebastianWendel/nixpkgs.git
synced 2024-10-20 04:33:19 +02:00
Merge pull request #20919 from joachifm/privoxy-service-improvements
Privoxy service improvements
This commit is contained in:
commit
e436874ef0
|
@ -58,7 +58,6 @@
|
|||
#utmp = 29; # unused
|
||||
ddclient = 30;
|
||||
davfs2 = 31;
|
||||
privoxy = 32;
|
||||
#disnix = 33; # unused
|
||||
osgi = 34;
|
||||
tor = 35;
|
||||
|
@ -322,7 +321,6 @@
|
|||
utmp = 29;
|
||||
#ddclient = 30; # unused
|
||||
davfs2 = 31;
|
||||
privoxy = 32;
|
||||
disnix = 33;
|
||||
osgi = 34;
|
||||
tor = 35;
|
||||
|
|
|
@ -6,8 +6,6 @@ let
|
|||
|
||||
inherit (pkgs) privoxy;
|
||||
|
||||
privoxyUser = "privoxy";
|
||||
|
||||
cfg = config.services.privoxy;
|
||||
|
||||
confFile = pkgs.writeText "privoxy.conf" ''
|
||||
|
@ -88,18 +86,25 @@ in
|
|||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.extraUsers = singleton
|
||||
{ name = privoxyUser;
|
||||
uid = config.ids.uids.privoxy;
|
||||
description = "Privoxy daemon user";
|
||||
};
|
||||
|
||||
users.users.privoxy = {
|
||||
isSystemUser = true;
|
||||
home = "/var/empty";
|
||||
group = "privoxy";
|
||||
};
|
||||
|
||||
users.groups.privoxy = {};
|
||||
|
||||
systemd.services.privoxy = {
|
||||
description = "Filtering web proxy";
|
||||
after = [ "network.target" "nss-lookup.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig.ExecStart = "${privoxy}/sbin/privoxy --no-daemon --user ${privoxyUser} ${confFile}";
|
||||
serviceConfig.ExecStart = "${privoxy}/bin/privoxy --no-daemon --user privoxy ${confFile}";
|
||||
|
||||
serviceConfig.PrivateDevices = true;
|
||||
serviceConfig.PrivateTmp = true;
|
||||
serviceConfig.ProtectHome = true;
|
||||
serviceConfig.ProtectSystem = "full";
|
||||
};
|
||||
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue