git.squeep.com Git - akkoma/blob - installation/pleroma.service

   1 [Unit]
   2 Description=Pleroma social network
   3 After=network.target postgresql.service
   4
   5 [Service]
   6 ExecReload=/bin/kill $MAINPID
   7 KillMode=process
   8 Restart=on-failure
   9
  10 ; Name of the user that runs the Pleroma service.
  11 User=pleroma
  12 ; Declares that Pleroma runs in production mode.
  13 Environment="MIX_ENV=prod"
  14
  15 ; Make sure that all paths fit your installation.
  16 ; Path to the home directory of the user running the Pleroma service.
  17 Environment="HOME=/home/pleroma"
  18 ; Path to the folder containing the Pleroma installation.
  19 WorkingDirectory=/home/pleroma/pleroma
  20 ; Path to the Mix binary.
  21 ExecStart=/usr/bin/mix phx.server
  22
  23 ; Some security directives.
  24 ; Use private /tmp and /var/tmp folders inside a new file system namespace, which are discarded after the process stops.
  25 PrivateTmp=true
  26 ; Mount /usr, /boot, and /etc as read-only for processes invoked by this service.
  27 ProtectSystem=full
  28 ; Sets up a new /dev mount for the process and only adds API pseudo devices like /dev/null, /dev/zero or /dev/random but not physical devices. Disabled by default because it may not work on devices like the Raspberry Pi.
  29 PrivateDevices=false
  30 ; Ensures that the service process and all its children can never gain new privileges through execve().
  31 NoNewPrivileges=true
  32 ; Drops the sysadmin capability from the daemon.
  33 CapabilityBoundingSet=~CAP_SYS_ADMIN
  34
  35 [Install]
  36 WantedBy=multi-user.target