nixos/unit: run Unit as root

In latest release recommended not set ambient capabilities.
2024-11-11 15:27:20 +03:00 · 2020-04-14 23:33:33 +03:00 · 2020-04-14 23:33:33 +03:00 · cfad151ac5
commit cfad151ac5
parent 3eb6012b64
1 changed files with 0 additions and 5 deletions
--- a/nixos/modules/services/web-servers/unit/default.nix
+++ b/nixos/modules/services/web-servers/unit/default.nix
@ -108,11 +108,6 @@ in {
        ExecStop = ''
          ${pkgs.curl}/bin/curl -X DELETE --unix-socket '/run/unit/control.unit.sock' 'http://localhost/config'
        '';
-        # User and group
-        User = cfg.user;
-        Group = cfg.group;
-        # Capabilities
-        AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" "CAP_SETGID" "CAP_SETUID" ];
        # Runtime directory and mode
        RuntimeDirectory = "unit";
        RuntimeDirectoryMode = "0750";