From 5f4fbd492ced71e1315f95c86452ca29d0d7178c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jadyn=20Emma=20J=C3=A4ger?= Date: Mon, 9 Sep 2024 13:14:35 +0200 Subject: [PATCH] feat(lego): Add cap_net_bind capabilities to systemd unit --- roles/lego/templates/lego@.service.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/lego/templates/lego@.service.j2 b/roles/lego/templates/lego@.service.j2 index de941cd..5b2a44c 100644 --- a/roles/lego/templates/lego@.service.j2 +++ b/roles/lego/templates/lego@.service.j2 @@ -7,6 +7,7 @@ EnvironmentFile={{ lego_base_path }}/%i.conf User={{ lego_systemd_user }} Group={{ lego_systemd_group }} ExecStart={{ lego_base_path }}/run.sh +AmbientCapabilities=CAP_NET_BIND_SERVICE [Install] WantedBy=basic.target