From 53c6c32fb8c3300a46c35274367ed8012e937b7b Mon Sep 17 00:00:00 2001
From: h7x4 <h7x4@nani.wtf>
Date: Mon, 10 Jun 2024 00:45:19 +0200
Subject: [PATCH] tsuki/plex: remove security hardening, included in nixos
 24.05

---
 hosts/tsuki/services/plex.nix | 23 -----------------------
 1 file changed, 23 deletions(-)

diff --git a/hosts/tsuki/services/plex.nix b/hosts/tsuki/services/plex.nix
index df92160..9950022 100644
--- a/hosts/tsuki/services/plex.nix
+++ b/hosts/tsuki/services/plex.nix
@@ -5,27 +5,4 @@ in {
     enable = true;
     openFirewall = true;
   };
-
-  systemd.services.plex.serviceConfig = {
-    ReadWritePaths = [ cfg.dataDir ];
-    NoNewPrivileges = true;
-    PrivateDevices = true;
-    ProtectClock = true;
-    ProtectKernelLogs = true;
-    ProtectKernelModules = true;
-    PrivateMounts = true;
-    RestrictSUIDSGID = true;
-    ProtectHostname = true;
-    LockPersonality = true;
-    ProtectKernelTunables = true;
-    ProtectSystem = "strict";
-    ProtectProc = true;
-    ProtectHome = true;
-    # PrivateNetwork = true;
-    PrivateUsers = true;
-    PrivateTmp = true;
-    UMask = "0007";
-    # RestrictAddressFamilies = [ "AF_UNIX AF_INET AF_INET6" ];
-    SystemCallArchitectures = "native";
-  };
 }