diff --git a/hosts/bekkalokk/services/website/fetch-gallery.nix b/hosts/bekkalokk/services/website/fetch-gallery.nix index bd13460..a96d70e 100644 --- a/hosts/bekkalokk/services/website/fetch-gallery.nix +++ b/hosts/bekkalokk/services/website/fetch-gallery.nix @@ -70,7 +70,7 @@ in { MemoryDenyWriteExecute = true; NoNewPrivileges = true; # disable for third party rotate scripts PrivateDevices = true; - #PrivateNetwork = true; # disable for mail delivery + PrivateNetwork = true; # disable for mail delivery PrivateTmp = true; ProtectClock = true; ProtectControlGroups = true; @@ -84,7 +84,7 @@ in { RestrictNamespaces = true; RestrictRealtime = true; RestrictSUIDSGID = true; # disable for creating setgid directories - #SocketBindDeny = [ "any" ]; + SocketBindDeny = [ "any" ]; SystemCallArchitectures = "native"; SystemCallFilter = [ "@system-service"