diff options
| author | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-04 01:23:43 -0500 |
|---|---|---|
| committer | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-04 01:52:13 -0500 |
| commit | 0261e875679f1bf63c8d689da7fc7e014597885d (patch) | |
| tree | 3f19cd74a0c1070944f75437f30b098d6ef2ffcb /roles/syncthing/templates/etc/systemd/system/syncthing-user@.service.j2 | |
| download | selfhosted-0261e875679f1bf63c8d689da7fc7e014597885d.tar.gz selfhosted-0261e875679f1bf63c8d689da7fc7e014597885d.zip | |
initial commit
Diffstat (limited to 'roles/syncthing/templates/etc/systemd/system/syncthing-user@.service.j2')
| -rw-r--r-- | roles/syncthing/templates/etc/systemd/system/syncthing-user@.service.j2 | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/roles/syncthing/templates/etc/systemd/system/syncthing-user@.service.j2 b/roles/syncthing/templates/etc/systemd/system/syncthing-user@.service.j2 new file mode 100644 index 0000000..ba0ffb5 --- /dev/null +++ b/roles/syncthing/templates/etc/systemd/system/syncthing-user@.service.j2 @@ -0,0 +1,27 @@ +[Unit] +Description=Syncthing - Open Source Continuous File Synchronization for %I +Documentation=man:syncthing(1) +After=autofs.service nss-user-lookup.target network-online.target + +[Service] +User=%i +Group=%i +Environment=STNOUPGRADE=1 +PermissionsStartOnly=true +ExecStartPre=install -o root -g root -m 0755 -Z -d {{ syncthing_runtime_dir | quote }} +ExecStartPre=install -o %i -g apache -m 2750 -Z -d {{ syncthing_runtime_dir | quote }}/%i +ExecStart=/usr/bin/syncthing -no-browser -no-restart -logflags=0 -home {{ syncthing_home | quote}}/%i -gui-address=unix://{{ syncthing_runtime_dir | quote }}/%i/gui.sock +Restart=on-failure +RestartSec=5 +SuccessExitStatus=3 4 +RestartForceExitStatus=3 4 + +# Hardening +ProtectSystem=full +PrivateTmp=true +SystemCallArchitectures=native +MemoryDenyWriteExecute=true +NoNewPrivileges=true + +[Install] +WantedBy=multi-user.target |