gador/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #240072 from NickCao/singbox-harden

Browse Source 
nixos/sing-box: set umask 0077 when generating configuration file
This commit is contained in:
Nick Cao
2023-06-27 20:34:18 +08:00
committed by GitHub
parent 1691ff977c e52b401a95
commit 694de8e63e
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
nixos/modules/services/networking/sing-box.nix
View File

@@ -56,6 +56,7 @@ in
systemd.services.sing-box = { systemd.services.sing-box = {
preStart = '' preStart = ''
umask 0077
mkdir -p /etc/sing-box mkdir -p /etc/sing-box
${utils.genJqSecretsReplacementSnippet cfg.settings "/etc/sing-box/config.json"} ${utils.genJqSecretsReplacementSnippet cfg.settings "/etc/sing-box/config.json"}
''; '';