give certbot access to /etc/nginx/ocsp-cache

2024-06-29 07:42:07 +00:00 · 2022-08-27 17:22:23 -04:00 · 2022-08-27 17:22:23 -04:00 · 8482ac5144
commit 8482ac5144
parent 2cf0966847
1 changed files with 1 additions and 1 deletions
--- a/systemd/system/certbot-renew.service.d/local.conf
+++ b/systemd/system/certbot-renew.service.d/local.conf
@ -18,7 +18,7 @@ ProtectKernelModules=true
 ProtectKernelTunables=true
 ProtectProc=invisible
 ProtectSystem=strict
-ReadWritePaths=/etc/letsencrypt /var/lib/letsencrypt /var/log/letsencrypt -/srv/certbot
+ReadWritePaths=/etc/letsencrypt /var/lib/letsencrypt /var/log/letsencrypt -/srv/certbot /etc/nginx/ocsp-cache
 RemoveIPC=true
 RestrictAddressFamilies=AF_INET AF_INET6
 RestrictNamespaces=true