blob: 5a341d3999db36e570636fdff7c57711003a1b07 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
[Unit]
Description=Modern and fast key-value store
After=network.target
Documentation=
[Service]
Type=simple
EnvironmentFile=-/etc/dragonfly/environment
ExecStart=/usr/bin/dragonfly --flagfile=/etc/dragonfly/dragonfly.conf
PIDFile=/run/dragonfly/dragonfly.pid
TimeoutStopSec=infinity
Restart=always
User=dragonfly
Group=dragonfly
RuntimeDirectory=dragonfly
RuntimeDirectoryMode=2755
UMask=007
PrivateTmp=yes
LimitNOFILE=262144
PrivateDevices=yes
ProtectHome=yes
ProtectSystem=full
ReadWritePaths=-/var/lib/dragonfly
ReadWritePaths=-/var/log/dragonfly
ReadWritePaths=-/run/dragonfly
NoNewPrivileges=true
CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_SYS_RESOURCE
MemoryDenyWriteExecute=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectControlGroups=true
RestrictRealtime=true
RestrictNamespaces=true
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
[Install]
WantedBy=multi-user.target
Alias=dragonfly.service
|