From 259d112c054bc91de15427b7611abe3b77f27171 Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Mon, 2 Oct 2023 01:05:00 +0300 Subject: [PATCH] nixos/gonic: allow gonic to perform non-local DNS resolution Gonic accesses external services (e.g. Listenbrainz or last.FM) for scrobbling, but it was previously not allowed to read `/etc/resolv.conf`. This had the effect that, unless a local resolver was configured on the system, any connection attempt would fail due to DNS resolution being unavailable. --- nixos/modules/services/audio/gonic.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/modules/services/audio/gonic.nix b/nixos/modules/services/audio/gonic.nix index 65cf10f2c4b4..66daeb60b503 100644 --- a/nixos/modules/services/audio/gonic.nix +++ b/nixos/modules/services/audio/gonic.nix @@ -57,6 +57,7 @@ in ReadWritePaths = ""; BindReadOnlyPaths = [ # gonic can access scrobbling services + "-/etc/resolv.conf" "-/etc/ssl/certs/ca-certificates.crt" builtins.storeDir cfg.settings.podcast-path