arnekeller/Typicalc
1
0
Fork 0
mirror of https://gitlab.kit.edu/uskyk/typicalc.git synced 2024-09-19 18:25:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Systemd configuration file

Browse Source
This commit is contained in:
Arne Keller 2021-06-21 10:14:28 +02:00
parent 5763c6b4ee
commit 5cabe75933
2 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -105,3 +105,7 @@ Then run the server:
``` ```
PORT=80 java -jar target/typicalc-1.0-SNAPSHOT.jar PORT=80 java -jar target/typicalc-1.0-SNAPSHOT.jar
``` ```
### Deploying using systemd
Copy the `typicalc.service` file into your systemd configuration and enable the service.

35
typicalc.service Normal file
View File

@ -0,0 +1,35 @@
[Unit]
Description=Typicalc
After=syslog.target network.target
[Service]
# the JVM uses this exit code when stopping due to SIGTERM
SuccessExitStatus=143
User=typicalc
Group=typicalc
Type=simple
WorkingDirectory=/opt
ExecStart=/usr/lib/jvm/java-11-openjdk-amd64/bin/java -jar /opt/typicalc-1.0-SNAPSHOT.jar
ExecStop=/bin/kill -15 $MAINPID
ProtectSystem=strict
ProtectHome=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectControlGroups=true
PrivateDevices=true
PrivateTmp=true
PrivateUsers=true
NoNewPrivileges=true
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SETUID CAP_SETGID CAP_SETPCAP CAP_SYS_MODULE CAP_SYS_TIME
RestrictNamespaces=~user
SystemCallArchitectures=native
LockPersonality=true
UMask=0177
RestrictAddressFamilies=AF_INET AF_INET6
[Install]
WantedBy=multi-user.target