server: disable landlock in systemd daemon

This ensures that reloads work correctly

src/main.rs

@@ -147,8 +147,10 @@ fn handle_server_command(args: &Args) -> anyhow::Result<Option<()>> {
                 "The executable should not be SUID or SGID when running the server manually"
             );
 
-            landlock_restrict_server(args.config.as_deref())
-                .context("Failed to apply Landlock restrictions to the server process")?;
+            if !command.disable_landlock {
+                landlock_restrict_server(args.config.as_deref())
+                    .context("Failed to apply Landlock restrictions to the server process")?;
+            }
 
             tokio_start_server(
                 args.config.to_owned(),

src/server/command.rs

@@ -10,10 +10,13 @@ use crate::{core::common::DEFAULT_CONFIG_PATH, server::supervisor::Supervisor};
 #[derive(Parser, Debug, Clone)]
 pub struct ServerArgs {
     #[command(subcommand)]
-    subcmd: ServerCommand,
+    pub subcmd: ServerCommand,
 
     #[arg(long)]
-    systemd: bool,
+    pub systemd: bool,
+
+    #[arg(long)]
+    pub disable_landlock: bool,
 }
 
 #[derive(Parser, Debug, Clone)]