ProtectSystem=full disables writing to /etc, which is the default
secrets location.
Besides that, hardening is pointless for {generate,setup}-secrets, which
don't read external input and are fully under our control.

| File |
|---|
| generate-secrets.nix |
| secrets.nix |