Mirrors/i2pd
2
0
Fork 0
mirror of https://github.com/PurpleI2P/i2pd.git synced 2025-02-23 12:17:37 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
i2pd/contrib/i2pd.service
analotia e628483c31
Remove /proc line
2020-09-18 16:41:13 +03:00

60 lines
1.6 KiB
Desktop File
Raw Blame History

[Unit]
Description=I2P Router written in C++
Documentation=man:i2pd(1) https://i2pd.readthedocs.io/en/latest/
After=network.target
ConditionFileIsExecutable=/usr/sbin/i2pd
[Service]
User=i2pd
Group=i2pd
PermissionsStartOnly=yes
RuntimeDirectory=i2pd
RuntimeDirectoryMode=0700
LogsDirectory=i2pd
LogsDirectoryMode=0700
Type=exec
Environment="DAEMON_OPTS=--conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf --tunnelsdir=/etc/i2pd/tunnels.conf.d --pidfile=/run/i2pd/i2pd.pid --logfile=/var/log/i2pd/i2pd.log --service"
EnvironmentFile=-/etc/default/i2pd
ExecStart=/usr/sbin/i2pd $DAEMON_OPTS
ExecReload=/bin/sh -c "kill -HUP $MAINPID"
PIDFile=/run/i2pd/i2pd.pid
Restart=on-failure
KillSignal=SIGQUIT
# If you have the patience waiting 10 min on restarting/stopping it, uncomment this.
# i2pd stops accepting new tunnels and waits ~10 min while old ones do not die.
#KillSignal=SIGINT
#TimeoutStopSec=10m
LimitNOFILE=65536
# To enable write of coredump uncomment this
#LimitCORE=infinity
# Hardening
NoNewPrivileges=yes
PrivateTmp=yes
PrivateUsers=true
PrivateDevices=yes
ProtectHome=yes
ProtectSystem=full
ProtectClock=true
ProtectControlGroups=yes
ProtectHostname=true
ProtectKernelLogs=true
ProtectKernelModules=yes
ProtectKernelTunables=yes
ProtectSystem=strict
RestrictAddressFamilies=AF_INET AF_INET6
RestrictNamespaces=cgroup ipc mnt pid user uts
RestrictRealtime=true
RestrictSUIDSGID=true
RemoveIPC=true
ReadOnlyDirectories=/
ReadWriteDirectories=-/var/lib/i2pd
ReadWriteDirectories=-/var/log/i2pd
ReadWriteDirectories=-/run
CapabilityBoundingSet=
[Install]
WantedBy=multi-user.target
Reference in a new issue View git blame Copy permalink