Made cmd arguments long.
This commit is contained in:
parent
ff70cd8ade
commit
db34c5d249
GPG Key ID:
D22A817D95815393
@ -21,11 +21,11 @@ import (
|
|||||||
var version string
|
var version string
|
||||||
|
|
||||||
var showVersion *bool = flag.Bool("v", false, "show version")
|
var showVersion *bool = flag.Bool("v", false, "show version")
|
||||||
var listenAddress *string = flag.String("l", "/var/run/dwelling-home/sock", "listen address (ip:port|unix_path)")
|
var listenAddress *string = flag.String("listen", "/var/run/dwelling-home/sock", "listen address (ip:port|unix_path)")
|
||||||
var captchaExpiry *time.Duration = flag.Duration("ce", 10*time.Minute, "CAPTCHA expiry (e.g. 5m, 60s)")
|
var captchaExpiry *time.Duration = flag.Duration("captcha-expiry", 10*time.Minute, "CAPTCHA expiry (e.g. 5m, 60s)")
|
||||||
var guestbookOwner *string = flag.String("gbo", "Admin", "name of a guestbook owner")
|
var guestbookOwner *string = flag.String("guestbook-owner", "Admin", "name of a guestbook owner")
|
||||||
var guestbookPageSize *int64 = flag.Int64("gbp", 60, "size of a guestbook page")
|
var guestbookPageSize *int64 = flag.Int64("guestbook-page-size", 60, "size of a guestbook page")
|
||||||
var databasesPath *string = flag.String("db", "/var/lib/dwelling-home", "path to a directory where to store DB files")
|
var databasesPath *string = flag.String("database-path", "/var/lib/dwelling-home", "path to a directory where to store DB files")
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
|||||||
@ -6,7 +6,9 @@ After=network-online.target
|
|||||||
Type=simple
|
Type=simple
|
||||||
Restart=on-failure
|
Restart=on-failure
|
||||||
DynamicUser=yes
|
DynamicUser=yes
|
||||||
ExecStart=/usr/bin/dwelling-home -l /var/run/dwelling-home/sock -db /var/lib/dwelling-home -ce 10m -gbo Arav -gbp 60
|
ExecStart=/usr/bin/dwelling-home -listen /var/run/dwelling-home/sock \
|
||||||
|
-database-path /var/lib/dwelling-home -captcha-expiry 10m \
|
||||||
|
-guestbook-owner Arav -guestbook-page-size 60
|
||||||
|
|
||||||
ReadOnlyPaths=/
|
ReadOnlyPaths=/
|
||||||
|
|
||||||
@ -20,18 +22,33 @@ LockPersonality=true
|
|||||||
MemoryDenyWriteExecute=true
|
MemoryDenyWriteExecute=true
|
||||||
NoNewPrivileges=true
|
NoNewPrivileges=true
|
||||||
PrivateDevices=true
|
PrivateDevices=true
|
||||||
|
PrivateTmp=true
|
||||||
|
PrivateUsers=true
|
||||||
|
ProcSubset=pid
|
||||||
ProtectClock=true
|
ProtectClock=true
|
||||||
ProtectControlGroups=true
|
ProtectControlGroups=true
|
||||||
ProtectHome=true
|
ProtectHome=true
|
||||||
|
ProtectHostname=true
|
||||||
ProtectKernelLogs=true
|
ProtectKernelLogs=true
|
||||||
ProtectKernelModules=true
|
ProtectKernelModules=true
|
||||||
ProtectKernelTunables=true
|
ProtectKernelTunables=true
|
||||||
|
ProtectProc=noaccess
|
||||||
ProtectSystem=strict
|
ProtectSystem=strict
|
||||||
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
|
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
|
||||||
RestrictNamespaces=true
|
RestrictNamespaces=true
|
||||||
RestrictRealtime=true
|
RestrictRealtime=true
|
||||||
RestrictSUIDSGID=true
|
RestrictSUIDSGID=true
|
||||||
SystemCallArchitectures=native
|
SystemCallArchitectures=native
|
||||||
|
SystemCallFilter=~@clock
|
||||||
|
SystemCallFilter=~@cpu-emulation
|
||||||
|
SystemCallFilter=~@debug
|
||||||
|
SystemCallFilter=~@module
|
||||||
|
SystemCallFilter=~@mount
|
||||||
|
SystemCallFilter=~@obsolete
|
||||||
|
SystemCallFilter=~@privileged
|
||||||
|
SystemCallFilter=~@raw-io
|
||||||
|
SystemCallFilter=~@reboot
|
||||||
|
SystemCallFilter=~@swap
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
Loading…
Reference in New Issue
Block a user