aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rwxr-xr-xmkosi.build2
-rw-r--r--mkosi.extra/etc/systemd/system/vaultwarden.service2
-rw-r--r--mkosi.nspawn3
3 files changed, 5 insertions, 2 deletions
diff --git a/mkosi.build b/mkosi.build
index 0fac659..85883ac 100755
--- a/mkosi.build
+++ b/mkosi.build
@@ -5,7 +5,7 @@ export RUSTUP_HOME=/root/.rustup \
PATH=/root/.cargo/bin:$PATH \
RUST_VERSION=1.40.0 \
DB=postgresql \
- VAULT_VERSION=v2.15.1
+ VAULT_VERSION=v2.19.0d
mkdir /root/src && cd /root/src
git clone https://github.com/dani-garcia/vaultwarden.git
diff --git a/mkosi.extra/etc/systemd/system/vaultwarden.service b/mkosi.extra/etc/systemd/system/vaultwarden.service
index 6000845..b72ea8f 100644
--- a/mkosi.extra/etc/systemd/system/vaultwarden.service
+++ b/mkosi.extra/etc/systemd/system/vaultwarden.service
@@ -13,7 +13,7 @@ EnvironmentFile=/etc/vaultwarden/vaultwarden.env
ExecStart=/usr/local/bin/vaultwarden
# Set reasonable connection and process limits
LimitNOFILE=1048576
-LimitNPROC=64
+LimitNPROC=128
# Isolate vaultwarden from the rest of the system
PrivateTmp=true
PrivateDevices=true
diff --git a/mkosi.nspawn b/mkosi.nspawn
index 6990d4c..21254ed 100644
--- a/mkosi.nspawn
+++ b/mkosi.nspawn
@@ -6,6 +6,9 @@ NoNewPrivileges=yes
PrivateUsers=pick
LinkJournal=try-host
+# 65536*443
+PrivateUsers=29032448
+
[Files]
PrivateUsersChown=true
BindReadOnly=/etc/vaultwarden/vaultwarden.env
generated by cgit, for Dennis Eriksen