From 0d47b301e1adbf3e25338f50e176a0bb227a4bff Mon Sep 17 00:00:00 2001
From: Dennis Eriksen <d@ennis.no>
Date: Mon, 3 May 2021 15:18:23 +0200
Subject: a few more updates

---
 mkosi.build                                        | 2 +-
 mkosi.extra/etc/systemd/system/vaultwarden.service | 2 +-
 mkosi.nspawn                                       | 3 +++
 3 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/mkosi.build b/mkosi.build
index 0fac659..85883ac 100755
--- a/mkosi.build
+++ b/mkosi.build
@@ -5,7 +5,7 @@ export RUSTUP_HOME=/root/.rustup \
        PATH=/root/.cargo/bin:$PATH \
        RUST_VERSION=1.40.0 \
        DB=postgresql \
-       VAULT_VERSION=v2.15.1
+       VAULT_VERSION=v2.19.0d
 
 mkdir /root/src && cd /root/src
 git clone https://github.com/dani-garcia/vaultwarden.git
diff --git a/mkosi.extra/etc/systemd/system/vaultwarden.service b/mkosi.extra/etc/systemd/system/vaultwarden.service
index 6000845..b72ea8f 100644
--- a/mkosi.extra/etc/systemd/system/vaultwarden.service
+++ b/mkosi.extra/etc/systemd/system/vaultwarden.service
@@ -13,7 +13,7 @@ EnvironmentFile=/etc/vaultwarden/vaultwarden.env
 ExecStart=/usr/local/bin/vaultwarden
 # Set reasonable connection and process limits
 LimitNOFILE=1048576
-LimitNPROC=64
+LimitNPROC=128
 # Isolate vaultwarden from the rest of the system
 PrivateTmp=true
 PrivateDevices=true
diff --git a/mkosi.nspawn b/mkosi.nspawn
index 6990d4c..21254ed 100644
--- a/mkosi.nspawn
+++ b/mkosi.nspawn
@@ -6,6 +6,9 @@ NoNewPrivileges=yes
 PrivateUsers=pick
 LinkJournal=try-host
 
+# 65536*443
+PrivateUsers=29032448
+
 [Files]
 PrivateUsersChown=true
 BindReadOnly=/etc/vaultwarden/vaultwarden.env
-- 
cgit v1.2.3