1
0
dwelling-upload/init/systemd/dwelling-upload-clean.service

39 lines
807 B
SYSTEMD
Raw Normal View History

[Unit]
Description=dwelling-upload-clean
[Service]
Type=oneshot
User=dwupload
Group=dwupload
ExecStart=/usr/bin/dwelling-upload-clean -conf /etc/dwelling/upload.yaml
ReadOnlyPaths=/
# Set here path to directory where uploads are stored.
ReadWritePaths=/srv/upload
NoExecPaths=/
2022-03-20 18:40:26 +04:00
ExecPaths=/usr/bin/dwelling-upload-clean
LogsDirectory=dwelling-upload
AmbientCapabilities=
CapabilityBoundingSet=
LockPersonality=true
MemoryDenyWriteExecute=true
NoNewPrivileges=true
PrivateDevices=true
ProtectClock=true
ProtectControlGroups=true
ProtectHome=true
ProtectKernelLogs=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectSystem=strict
RestrictAddressFamilies=
RestrictNamespaces=true
RestrictRealtime=true
RestrictSUIDSGID=true
SystemCallArchitectures=native
[Install]
WantedBy=multi-user.target