@lamalibre/create-portlama 1.0.3 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/package.json +1 -1
  2. package/src/tasks/panel.js +4 -3
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@lamalibre/create-portlama",
3
- "version": "1.0.3",
3
+ "version": "1.0.4",
4
4
  "description": "One-command setup for secure reverse tunnels with a management dashboard",
5
5
  "type": "module",
6
6
  "license": "MIT",
package/src/tasks/panel.js CHANGED
@@ -239,10 +239,11 @@ StandardError=journal
239
239
  SyslogIdentifier=portlama-panel
240
240
 
241
241
  # Security hardening
242
- NoNewPrivileges=true
243
- ProtectSystem=strict
242
+ # Note: NoNewPrivileges is intentionally omitted — the panel needs sudo
243
+ # for provisioning (Chisel, Authelia, certbot, nginx, systemctl).
244
+ # Access is restricted via fine-grained sudoers rules in /etc/sudoers.d/portlama.
244
245
  ProtectHome=true
245
- ReadWritePaths=${configDir}
246
+ ReadWritePaths=${configDir} /var/www/portlama
246
247
  PrivateTmp=true
247
248
 
248
249
  [Install]