fix(cloudflared): explicit user

2026-02-09 04:19:19 -08:00 · 2025-09-17 14:32:14 -07:00 · 2025-09-17 14:32:14 -07:00 · e0fe5bcd6f
commit e0fe5bcd6f
parent d80fd6fd5f
4 changed files with 22 additions and 6 deletions
--- a/nixos/cloudflared.nix
+++ b/nixos/cloudflared.nix
@ -11,6 +11,9 @@ in {
      enable = mkDefault true;
      metricsPort = mkDefault 3011;
      metricsBind = "[::]";
+      systemd.extraServiceSettings = {
+        serviceConfig.User = mkDefault "cloudflared";
+      };
    };
    users = mkIf cfg.enable {
      users.cloudflared = {
@ -26,8 +29,8 @@ in {
    };
    boot.kernel.sysctl = mkIf (!config.boot.isContainer && cfg.enable) {
      # https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes
-      "net.core.rmem_max" = mkDefault 2500000;
-      "net.core.wmem_max" = mkDefault 2500000;
+      "net.core.rmem_max" = mkDefault 7500000;
+      "net.core.wmem_max" = mkDefault 7500000;
    };
  };
 }