From 11a2c1d12916d2528cd9e4ec8d684ded8615a80e Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Tue, 27 Dec 2022 18:51:20 +0100
Subject: [PATCH] added "CAP_NET_BIND_SERVICE" to debian service to allow low
 range ports for non root user "www-data"

---
 README.md | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 6c79e9b..6b014e5 100644
--- a/README.md
+++ b/README.md
@@ -102,9 +102,6 @@ volumes:
 
 Tested on `Debian 11 (bullseye)`, Ubuntu may also work.
 
-**We are running on port `9443` because we are running service as `www-data`-user and non-root users are not allowed to
-use ports below 1024!**
-
 **Install requirements**
 
 ```shell
@@ -153,7 +150,7 @@ su - www-data -c "/opt/fastapi-dls/venv/bin/uvicorn main:app --app-dir=/opt/fast
 ```shell
 cat <<EOF > /etc/fastapi-dls.env
 DLS_URL=127.0.0.1
-DLS_PORT=9443
+DLS_PORT=443
 LEASE_EXPIRE_DAYS=90
 DATABASE=sqlite:////opt/fastapi-dls/app/db.sqlite
 
@@ -171,6 +168,7 @@ After=network.target
 [Service]
 User=www-data
 Group=www-data
+AmbientCapabilities=CAP_NET_BIND_SERVICE
 WorkingDirectory=/opt/fastapi-dls/app
 EnvironmentFile=/etc/fastapi-dls.env
 ExecStart=/opt/fastapi-dls/venv/bin/uvicorn main:app \