From c4fd2b7318c7e3cdaa2467ef0a9dfc2f6c34c6fa Mon Sep 17 00:00:00 2001
From: Mathijs Kwik <mathijs@bluescreen303.nl>
Date: Tue, 5 Jun 2018 11:27:03 +0200
Subject: [PATCH] nixos/docker-registry: allow running on ports < 1024

---
 nixos/modules/services/misc/docker-registry.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/nixos/modules/services/misc/docker-registry.nix b/nixos/modules/services/misc/docker-registry.nix
index fe0a8e58de3d..f628da4ac4c0 100644
--- a/nixos/modules/services/misc/docker-registry.nix
+++ b/nixos/modules/services/misc/docker-registry.nix
@@ -120,6 +120,7 @@ in {
       serviceConfig = {
         User = "docker-registry";
         WorkingDirectory = cfg.storagePath;
+        AmbientCapabilities = mkIf (cfg.port < 1024) "cap_net_bind_service";
       };
     };