summaryrefslogtreecommitdiff
path: root/hosts/surtr/prometheus/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'hosts/surtr/prometheus/default.nix')
-rw-r--r--hosts/surtr/prometheus/default.nix6
1 files changed, 6 insertions, 0 deletions
diff --git a/hosts/surtr/prometheus/default.nix b/hosts/surtr/prometheus/default.nix
index 0f0cf586..685d117b 100644
--- a/hosts/surtr/prometheus/default.nix
+++ b/hosts/surtr/prometheus/default.nix
@@ -203,6 +203,12 @@ in {
203 }; 203 };
204 }; 204 };
205 205
206 systemd.services.prometheus = {
207 serviceConfig = {
208 SystemCallFilter = mkForce [ "@system-service" "~@privileged" ];
209 };
210 };
211
206 sops.secrets."prometheus.key" = { 212 sops.secrets."prometheus.key" = {
207 format = "binary"; 213 format = "binary";
208 sopsFile = ./tls.key; 214 sopsFile = ./tls.key;
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-11 03:58:42 +0000