Skip to content
Snippets Groups Projects
Select Git revision
  • 4d46cd7ec34996ee8b0215ebee2dbb3deb1b2692
  • master default protected
  • fix-6.13.0
  • 6.7.0-fix
  • bookworm
  • 6.4.4-oauth-fix
  • meteor-fix
  • patch-support
  • 7.7.6 protected
  • 7.8.2 protected
  • 7.7.5 protected
  • 7.8.1 protected
  • 7.8.0 protected
  • 7.3.6 protected
  • 7.4.4 protected
  • 7.5.3 protected
  • 7.6.4 protected
  • 7.7.4 protected
  • 7.7.3 protected
  • 7.7.2 protected
  • 7.7.1 protected
  • 7.1.6 protected
  • 7.2.6 protected
  • 7.3.5 protected
  • 7.4.3 protected
  • 7.5.2 protected
  • 7.6.3 protected
  • 7.6.2 protected
28 results

rocketchat-follower@.service

Blame
  • rocketchat-follower@.service 1.09 KiB
    [Unit]
    Description=RocketChat Server (follower, depending on main service)
    After=network.target
    Wants=network-online.target
    PartOf=rocketchat.service
    
    [Service]
    # Overwrite BIND_IP from config files with instance name. We cannot use
    # Environment for this, since EnvironmentFile takes precedence over it.
    ExecStart=env BIND_IP=%I /usr/bin/node /usr/share/rocketchat/bundle/main.js
    Restart=on-failure
    RestartSec=10
    ExecReload=/bin/kill -USR1 $MAINPID
    SyslogIdentifier=rocketchat
    
    Environment=NODE_ENV=production
    EnvironmentFile=/etc/rocketchat.conf
    EnvironmentFile=/etc/rocketchat-follower.conf
    
    DynamicUser=true
    PrivateUsers=true
    CapabilityBoundingSet=
    NoNewPrivileges=true
    RemoveIPC=true
    LockPersonality=true
    ProtectControlGroups=true
    ProtectKernelTunables=true
    ProtectKernelModules=true
    ProtectKernelLogs=true
    ProtectClock=true
    ProtectHostname=true
    ProtectProc=noaccess
    RestrictRealtime=true
    RestrictSUIDSGID=true
    RestrictNamespaces=true
    ProtectSystem=strict
    ProtectHome=true
    PrivateTmp=true
    PrivateDevices=true
    SystemCallArchitectures=native
    SystemCallFilter=@system-service
    
    [Install]
    WantedBy=rocketchat.service