diff options
author | 2024-04-19 14:40:52 +0200 | |
---|---|---|
committer | 2024-04-19 22:32:24 +0200 | |
commit | 97eaacf1ac039e827b61ef1245f33eee64a80c28 (patch) | |
tree | 3ec37c5d15ee4424e5f2e7d5be6a91bae8e8e5a4 /net-im/conduit/files | |
parent | initial (diff) | |
download | arsen-97eaacf1ac039e827b61ef1245f33eee64a80c28.tar.gz arsen-97eaacf1ac039e827b61ef1245f33eee64a80c28.tar.bz2 arsen-97eaacf1ac039e827b61ef1245f33eee64a80c28.zip |
net-im/conduit: new package, add 0.6.0
Signed-off-by: Arsen Arsenović <arsen@aarsen.me>
Diffstat (limited to 'net-im/conduit/files')
-rw-r--r-- | net-im/conduit/files/matrix-conduit.service | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/net-im/conduit/files/matrix-conduit.service b/net-im/conduit/files/matrix-conduit.service new file mode 100644 index 0000000..7643095 --- /dev/null +++ b/net-im/conduit/files/matrix-conduit.service @@ -0,0 +1,50 @@ +# Based on debian/matrix-conduit.service from Conduit -*- conf -*- +# Modified by Arsen +[Unit] +Description=Conduit Matrix homeserver +After=network.target +ConditionPathExists=/etc/matrix-conduit/conduit.toml + +[Service] +DynamicUser=yes +User=conduit +Group=conduit +Type=simple + +AmbientCapabilities= +CapabilityBoundingSet= +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +ProtectClock=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectHostname=yes +ProtectKernelLogs=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +ProtectSystem=strict +PrivateDevices=yes +PrivateMounts=yes +PrivateTmp=yes +PrivateUsers=yes +RemoveIPC=yes +RestrictAddressFamilies=AF_INET AF_INET6 +RestrictNamespaces=yes +RestrictRealtime=yes +RestrictSUIDSGID=yes +SystemCallArchitectures=native +SystemCallFilter=@system-service +SystemCallErrorNumber=EPERM +StateDirectory=matrix-conduit + +Environment="CONDUIT_CONFIG=/etc/matrix-conduit/conduit.toml" + +ExecStart=/usr/sbin/conduit +Restart=on-failure +RestartSec=10 +StartLimitInterval=1m +StartLimitBurst=5 + +[Install] +WantedBy=multi-user.target |