X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=installation%2Fpleroma.service;h=63e83ed6efe27842d4867a2927fcf5c6c0aebd16;hb=fa1f5d4442560ca7fadc1057d0a1ae34ce4b08e8;hp=5dcbc13877f916de16443bec9ead491ee26bb687;hpb=3f9263fb16ad519d2dd45106549a8ba42b68fc1f;p=akkoma

diff --git a/installation/pleroma.service b/installation/pleroma.service
index 5dcbc1387..63e83ed6e 100644
--- a/installation/pleroma.service
+++ b/installation/pleroma.service
@@ -17,6 +17,8 @@ Environment="MIX_ENV=prod"
 Environment="HOME=/var/lib/pleroma"
 ; Path to the folder containing the Pleroma installation.
 WorkingDirectory=/opt/pleroma
+; Path to the environment file. the file contains RELEASE_COOKIE and etc 
+EnvironmentFile=/opt/pleroma/config/pleroma.env
 ; Path to the Mix binary.
 ExecStart=/usr/bin/mix phx.server
 
@@ -29,8 +31,6 @@ ProtectHome=true
 ProtectSystem=full
 ; Sets up a new /dev mount for the process and only adds API pseudo devices like /dev/null, /dev/zero or /dev/random but not physical devices. Disabled by default because it may not work on devices like the Raspberry Pi.
 PrivateDevices=false
-; Ensures that the service process and all its children can never gain new privileges through execve().
-NoNewPrivileges=true
 ; Drops the sysadmin capability from the daemon.
 CapabilityBoundingSet=~CAP_SYS_ADMIN