internal/html/generate.css

@@ -45,5 +45,9 @@
 }
 
 .code>.chroma {
-  @apply text-sm p-3 rounded;
+  @apply text-sm p-3 rounded overflow-scroll;
+}
+
+.chroma .line {
+  @apply overflow-scroll
 }

nix/module.nix

@@ -140,33 +140,6 @@ in
               Restart = "always";
               RestartSec = "15";
               WorkingDirectory = instanceCfg.homeDir;
-              ReadWritePaths = [ instanceCfg.homeDir ];
-              CapabilityBoundingSet = "";
-              NoNewPrivileges = true;
-              ProtectSystem = "strict";
-              ProtectHome = true;
-              PrivateTmp = true;
-              PrivateDevices = true;
-              PrivateUsers = true;
-              ProtectHostname = true;
-              ProtectClock = true;
-              ProtectKernelTunables = true;
-              ProtectKernelModules = true;
-              ProtectKernelLogs = true;
-              ProtectControlGroups = true;
-              RestrictAddressFamilies = [
-                "AF_UNIX"
-                "AF_INET"
-                "AF_INET6"
-              ];
-              RestrictNamespaces = true;
-              LockPersonality = true;
-              MemoryDenyWriteExecute = true;
-              RestrictRealtime = true;
-              RestrictSUIDSGID = true;
-              RemoveIPC = true;
-              PrivateMounts = true;
-              SystemCallArchitectures = "native";
               ExecStart =
                 let
                   configFile = pkgs.writeText "ugit-${name}.yaml" (