Skip to content

Commit

Permalink
Add more capabilities for systemd
Browse files Browse the repository at this point in the history 
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
  • Loading branch information
@kradalby @juanfont
kradalby authored and juanfont committed Apr 20, 2023
1 parent a71cc81 commit a5afe4b
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 1 deletion.
6 changes: 6 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,12 @@

### Changes

## 0.22.1 (2023-04-20)

### Changes

- Fix issue where SystemD could not bind to port 80 [#1365](https://github.com/juanfont/headscale/pull/1365)

## 0.22.0 (2023-04-20)

### Changes
Expand Down
2 changes: 1 addition & 1 deletion docs/packaging/headscale.systemd.service
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ WorkingDirectory=/var/lib/headscale
ReadWritePaths=/var/lib/headscale /var/run

AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_CHOWN
CapabilityBoundingSet=CAP_CHOWN
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_CHOWN
LockPersonality=true
NoNewPrivileges=true
PrivateDevices=true
Expand Down

1 comment on commit a5afe4b

@TimDowker
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This also fixes #1342

Please sign in to comment.