archives/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2026-03-08 01:24:09 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

clash-verge-rev: 2.4.3 -> 2.4.6; nixos/clash-verge: add group option (#486142)

Browse source
This commit is contained in:
Sandro 2026-03-04 00:40:07 +00:00 committed by GitHub
commit 4e884ec142
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 100 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

17
nixos/modules/programs/clash-verge.nix
View file

@ -23,6 +23,17 @@
serviceMode = lib.mkEnableOption "Service Mode";
tunMode = lib.mkEnableOption "Setcap for TUN Mode. DNS settings won't work on this way";
autoStart = lib.mkEnableOption "Clash Verge auto launch";
group = lib.mkOption {
type = lib.types.str;
example = "wheel";
default = "users";
description = ''
The group to grant access to clash-verge-rev's service socket.
For better security, you should set a group that only contains
users who need to access clash-verge-rev's service socket.
'';
};
};
config =
@ -54,6 +65,7 @@
serviceConfig = {
ExecStart = "${cfg.package}/bin/clash-verge-service";
Restart = "on-failure";
Group = cfg.group;
ProtectSystem = "strict";
NoNewPrivileges = true;
ProtectHostname = true;
@ -88,8 +100,5 @@
};
};
meta.maintainers = with lib.maintainers; [
bot-wxt1221
Guanran928
];
meta.maintainers = pkgs.clash-verge-rev.meta.maintainers;
}