nixos/endlessh-go: fix DNS resolution

As suggested by toast003[1]. [1]: https://github.com/shizunge/endlessh-go/discussions/127#discussioncomment-11760912 (cherry picked from commit 99778e1)
NixOS · Jan 12, 2025 · 14d5e92 · 14d5e92
1 parent cb64f65
commit 14d5e92
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/nixos/modules/services/security/endlessh-go.nix b/nixos/modules/services/security/endlessh-go.nix
@@ -113,7 +113,13 @@ in
             );
           DynamicUser = true;
           RootDirectory = rootDirectory;
-          BindReadOnlyPaths = [ builtins.storeDir ];
+          BindReadOnlyPaths = [
+            builtins.storeDir
+            "-/etc/hosts"
+            "-/etc/localtime"
+            "-/etc/nsswitch.conf"
+            "-/etc/resolv.conf"
+          ];
           InaccessiblePaths = [ "-+${rootDirectory}" ];
           RuntimeDirectory = baseNameOf rootDirectory;
           RuntimeDirectoryMode = "700";