nixos/matrix-appservice-irc: update syscall filter

        LockPersonality = true;

        RestrictRealtime = true;

        PrivateMounts = true;

        SystemCallFilter = "~@aio @clock @cpu-emulation @debug @keyring @memlock @module @mount @obsolete @raw-io @setuid @swap";

        SystemCallFilter = [

          "@system-service @pkey"

          "~@privileged @resources"

        ];

        SystemCallArchitectures = "native";

        # AF_UNIX is required to connect to a postgres socket.

        RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6";