mirror of
https://github.com/owncast/owncast.git
synced 2024-10-23 04:55:56 +03:00
Update service to be far more secure. (#2352)
This commit is contained in:
parent
ec42aedb73
commit
9b7e5d5189
1 changed files with 10 additions and 4 deletions
|
@ -3,11 +3,17 @@ Description=Owncast Service
|
|||
|
||||
[Service]
|
||||
Type=simple
|
||||
WorkingDirectory=[path_to_owncast_root_directory]
|
||||
ExecStart=[path_to_owncast_executable]
|
||||
Restart=on-failure
|
||||
WorkingDirectory=[path to owncast directory]
|
||||
ReadWritePaths=[path to owncast directory]
|
||||
ExecStart=[path to owncast directory]/owncast
|
||||
Restart=always
|
||||
RestartSec=5
|
||||
User=[user to run owncast as]
|
||||
Group=[group to run owncast as]
|
||||
NoNewPrivileges=true
|
||||
SecureBits=noroot
|
||||
ProtectSystem=strict
|
||||
ProtectHome=read-only
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
|
|
Loading…
Reference in a new issue