Bugfix and Docs

2026-03-10 13:12:57 +00:00
parent 3516ff8486
commit ac4d77dddf
75 changed files with 3511 additions and 5142 deletions
--- a/install.sh
+++ b/install.sh
@@ -392,7 +392,7 @@ else
  ok "Benutzer '$SERVICE_USER' angelegt"
 fi

-for grp in cdrom optical disk; do
+for grp in cdrom optical disk video render; do
  if getent group "$grp" &>/dev/null; then
    usermod -aG "$grp" "$SERVICE_USER" 2>/dev/null || true
    info "Benutzer '$SERVICE_USER' zur Gruppe '$grp' hinzugefügt"
@@ -541,6 +541,16 @@ StandardOutput=journal
 StandardError=journal
 SyslogIdentifier=ripster-backend

+# Device-Zugriff fuer GPU und CD-ROM
+DeviceAllow=/dev/sr0 rw
+DeviceAllow=/dev/nvidia0 rw
+DeviceAllow=/dev/nvidiactl rw
+DeviceAllow=/dev/nvidia-uvm rw
+DeviceAllow=/dev/nvidia-uvm-tools rw
+DeviceAllow=/dev/dri/renderD128 rw
+DeviceAllow=/dev/dri/renderD129 rw
+SupplementaryGroups=video render cdrom disk
+
 NoNewPrivileges=true
 ProtectSystem=full
 ProtectHome=read-only