nixos/unit: run Unit as root

In latest release recommended not set ambient capabilities.
This commit is contained in:
Izorkin 2020-04-14 23:33:33 +03:00
parent 3eb6012b64
commit cfad151ac5

View file

@ -108,11 +108,6 @@ in {
ExecStop = ''
${pkgs.curl}/bin/curl -X DELETE --unix-socket '/run/unit/control.unit.sock' 'http://localhost/config'
'';
# User and group
User = cfg.user;
Group = cfg.group;
# Capabilities
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" "CAP_SETGID" "CAP_SETUID" ];
# Runtime directory and mode
RuntimeDirectory = "unit";
RuntimeDirectoryMode = "0750";