summary refs log tree commit diff
path: root/nixos/modules/services/mail/public-inbox.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/modules/services/mail/public-inbox.nix')
-rw-r--r--nixos/modules/services/mail/public-inbox.nix2
1 files changed, 2 insertions, 0 deletions
diff --git a/nixos/modules/services/mail/public-inbox.nix b/nixos/modules/services/mail/public-inbox.nix
index e53f3514a73..9aa38c4c1c8 100644
--- a/nixos/modules/services/mail/public-inbox.nix
+++ b/nixos/modules/services/mail/public-inbox.nix
@@ -460,6 +460,8 @@ in
           after = [ "public-inbox-init.service" "public-inbox-watch.service" ];
           requires = [ "public-inbox-init.service" ];
           serviceConfig = {
+            BindPathsReadOnly =
+              map (c: c.dir) (lib.attrValues cfg.settings.coderepo);
             ExecStart = escapeShellArgs (
               [ "${cfg.package}/bin/public-inbox-httpd" ] ++
               cfg.http.args ++
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-03 17:28:56 +0000