nixos/esphome: fix bwrap

2023-11-28 00:48:30 +01:00
parent 501680a656
commit 9f563e21ac
1 changed files with 3 additions and 3 deletions
--- a/nixos/modules/services/home-automation/esphome.nix
+++ b/nixos/modules/services/home-automation/esphome.nix
@@ -107,10 +107,10 @@ in
        ProtectClock = true;
        ProtectControlGroups = true;
        ProtectHome = true;
-        ProtectHostname = true;
-        ProtectKernelLogs = true;
+        ProtectHostname = false; # breaks bwrap
+        ProtectKernelLogs = false; # breaks bwrap
        ProtectKernelModules = true;
-        ProtectKernelTunables = true;
+        ProtectKernelTunables = false; # breaks bwrap
        ProtectProc = "invisible";
        ProcSubset = "all"; # Using "pid" breaks bwrap
        ProtectSystem = "strict";