1
0

Made cmd arguments long.

This commit is contained in:
Alexander Andreev 2023-09-23 04:37:48 +04:00
parent ff70cd8ade
commit db34c5d249
Signed by: Arav
GPG Key ID: D22A817D95815393
2 changed files with 23 additions and 6 deletions

View File

@ -21,11 +21,11 @@ import (
var version string var version string
var showVersion *bool = flag.Bool("v", false, "show version") var showVersion *bool = flag.Bool("v", false, "show version")
var listenAddress *string = flag.String("l", "/var/run/dwelling-home/sock", "listen address (ip:port|unix_path)") var listenAddress *string = flag.String("listen", "/var/run/dwelling-home/sock", "listen address (ip:port|unix_path)")
var captchaExpiry *time.Duration = flag.Duration("ce", 10*time.Minute, "CAPTCHA expiry (e.g. 5m, 60s)") var captchaExpiry *time.Duration = flag.Duration("captcha-expiry", 10*time.Minute, "CAPTCHA expiry (e.g. 5m, 60s)")
var guestbookOwner *string = flag.String("gbo", "Admin", "name of a guestbook owner") var guestbookOwner *string = flag.String("guestbook-owner", "Admin", "name of a guestbook owner")
var guestbookPageSize *int64 = flag.Int64("gbp", 60, "size of a guestbook page") var guestbookPageSize *int64 = flag.Int64("guestbook-page-size", 60, "size of a guestbook page")
var databasesPath *string = flag.String("db", "/var/lib/dwelling-home", "path to a directory where to store DB files") var databasesPath *string = flag.String("database-path", "/var/lib/dwelling-home", "path to a directory where to store DB files")
func main() { func main() {
flag.Parse() flag.Parse()

View File

@ -6,7 +6,9 @@ After=network-online.target
Type=simple Type=simple
Restart=on-failure Restart=on-failure
DynamicUser=yes DynamicUser=yes
ExecStart=/usr/bin/dwelling-home -l /var/run/dwelling-home/sock -db /var/lib/dwelling-home -ce 10m -gbo Arav -gbp 60 ExecStart=/usr/bin/dwelling-home -listen /var/run/dwelling-home/sock \
-database-path /var/lib/dwelling-home -captcha-expiry 10m \
-guestbook-owner Arav -guestbook-page-size 60
ReadOnlyPaths=/ ReadOnlyPaths=/
@ -20,18 +22,33 @@ LockPersonality=true
MemoryDenyWriteExecute=true MemoryDenyWriteExecute=true
NoNewPrivileges=true NoNewPrivileges=true
PrivateDevices=true PrivateDevices=true
PrivateTmp=true
PrivateUsers=true
ProcSubset=pid
ProtectClock=true ProtectClock=true
ProtectControlGroups=true ProtectControlGroups=true
ProtectHome=true ProtectHome=true
ProtectHostname=true
ProtectKernelLogs=true ProtectKernelLogs=true
ProtectKernelModules=true ProtectKernelModules=true
ProtectKernelTunables=true ProtectKernelTunables=true
ProtectProc=noaccess
ProtectSystem=strict ProtectSystem=strict
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
RestrictNamespaces=true RestrictNamespaces=true
RestrictRealtime=true RestrictRealtime=true
RestrictSUIDSGID=true RestrictSUIDSGID=true
SystemCallArchitectures=native SystemCallArchitectures=native
SystemCallFilter=~@clock
SystemCallFilter=~@cpu-emulation
SystemCallFilter=~@debug
SystemCallFilter=~@module
SystemCallFilter=~@mount
SystemCallFilter=~@obsolete
SystemCallFilter=~@privileged
SystemCallFilter=~@raw-io
SystemCallFilter=~@reboot
SystemCallFilter=~@swap
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target