astelm
/
telemt
mirror of https://github.com/telemt/telemt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

systemd contrib, add sysuser & tmpfiles configs, fix service

This commit is contained in:
Дмитрий Марков 2026-03-12 12:47:03 +05:00
parent ae72e6f356
commit 5073248911
No known key found for this signature in database
GPG Key ID: 49CFEE49DBF77352
1 changed files with 2 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
contrib/systemd/telemt.service
View File

@ -8,22 +8,14 @@ Type=simple
User=telemt User=telemt
Group=telemt Group=telemt
WorkingDirectory=/var/lib/telemt WorkingDirectory=/var/lib/telemt
ExecStart=/bin/telemt /etc/telemt/telemt.toml ExecStart=/usr/bin/telemt /etc/telemt/telemt.toml
Restart=on-failure Restart=on-failure
RestartSec=10 RestartSec=10
LimitNOFILE=65536 LimitNOFILE=65536
AmbientCapabilities=CAP_NET_BIND_SERVICE AmbientCapabilities=CAP_NET_BIND_SERVICE
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CapabilityBoundingSet=CAP_NET_BIND_SERVICE
NoNewPrivileges=true NoNewPrivileges=true
PrivateTmp=yes
PrivateDevices=yes
ProtectKernelTunables=yes
ProtectKernelModules=yes
ProtectControlGroups=yes
ProtectSystem=strict
ProtectHome=read-only
SystemCallFilter=~@mount
ReadWritePaths=/var/lib/telemt
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target