From 1731e68e5f3ae06a10f82b8004d0d70c75781318 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Samuel=20=C5=A0tancl?= <samuel@archte.ch>
Date: Wed, 13 Aug 2025 03:05:25 +0200
Subject: [PATCH] Limit read perms on /srv and /home

---
 laravel.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/laravel.nix b/laravel.nix
index d1d85d0..ec2d6df 100644
--- a/laravel.nix
+++ b/laravel.nix
@@ -55,8 +55,8 @@ in {
 
   # Ensure directories exist with proper permissions
   systemd.tmpfiles.rules = [
-    "d /srv 0755 root root - -"
-    "d /home 0755 root root - -"
+    "d /srv 0751 root root - -"
+    "d /home 0751 root root - -"
     "d /srv/${name} 0750 ${mkUsername name} ${mkUsername name} - -"
     "C /home/${mkUsername name}/.bashrc 0640 ${mkUsername name} ${mkUsername name} - /etc/laravel-${name}-bashrc"
   ];