|
@@ -18,10 +18,13 @@ WorkingDirectory=/home/git/gogs
|
|
|
ExecStart=/home/git/gogs/gogs web
|
|
ExecStart=/home/git/gogs/gogs web
|
|
|
Restart=always
|
|
Restart=always
|
|
|
Environment=USER=git HOME=/home/git
|
|
Environment=USER=git HOME=/home/git
|
|
|
-# Hardening
|
|
|
|
|
|
|
+
|
|
|
|
|
+# Some distributions may not support these hardening directives. If you cannot start the service due
|
|
|
|
|
+# to an unknown option, comment out the ones not supported by your version of systemd.
|
|
|
ProtectSystem=full
|
|
ProtectSystem=full
|
|
|
PrivateDevices=yes
|
|
PrivateDevices=yes
|
|
|
PrivateTmp=yes
|
|
PrivateTmp=yes
|
|
|
|
|
+NoNewPrivileges=true
|
|
|
|
|
|
|
|
[Install]
|
|
[Install]
|
|
|
WantedBy=multi-user.target
|
|
WantedBy=multi-user.target
|
Steven Haigh