Add security.csm to ignored-acls

The security.csm ACL is, as far as I know, never reasonable to remove, so let's add it to the ignore-list in the vanilla nix image. This makes this image usable on GKE.
2022-06-06 16:56:42 +01:00 · 2022-06-06 16:56:42 +01:00 · 0cd560c95d
parent 1dd7253133
commit 0cd560c95d
1 changed files with 1 additions and 0 deletions
--- a/docker.nix
+++ b/docker.nix
@ -125,6 +125,7 @@ let
    sandbox = "false";
    build-users-group = "nixbld";
    trusted-public-keys = "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=";
+    ignored-acls = security.csm;
  };
  nixConfContents = (lib.concatStringsSep "\n" (lib.mapAttrsFlatten (n: v: "${n} = ${v}") nixConf)) + "\n";