knadh/listmonk
1
1
Fork 0
mirror of https://github.com/knadh/listmonk.git synced 2024-09-19 23:06:32 +08:00
Code Issues Packages Projects Releases Wiki Activity
listmonk/listmonk-simple.service

62 lines
2.6 KiB
Desktop File
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# A simpler version of the service template with wider compatibility for older OS's
[Unit]
Description=listmonk email service
ConditionPathExists=/etc/listmonk/config.toml
Wants=network.target
# The PostgreSQL database may not be on the same host but if it
# is listmonk should wait for it to start up.
After=postgresql.service
[Service]
Type=simple
PermissionsStartOnly=true
WorkingDirectory=/usr/bin
ExecStartPre=/usr/bin/mkdir -p "/etc/listmonk/uploads"
ExecStartPre=/usr/bin/listmonk --config /etc/listmonk/config.toml --upgrade --yes
ExecStart=/usr/bin/listmonk --config /etc/listmonk/config.toml
TimeoutStopSec=10
Restart=on-failure
RestartSec=5
# To enable a static dir, add the following
# --static-dir /etc/listmonk/static
# to the end of the ExecStart line above after creating the dir and fetching the files with:
# mkdir -p /etc/listmonk/static ; wget -O - https://github.com/knadh/listmonk/archive/master.tar.gz | tar xz -C /etc/listmonk/static --strip=2 "listmonk-master/static"
# To enable a log file that persists after restarts, replace the ExecStart= line with:
# ExecStart=/bin/bash -ce "exec /usr/bin/listmonk --config /etc/listmonk/config.toml --static-dir /etc/listmonk/static >>/etc/listmonk/listmonk.log 2>&1"
# Set user to run listmonk service as (instead of root).
# Can use "DynamicUser=" instead, if your systemd version is >= 232.
# https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#DynamicUser=
#User=
#StateDirectory=/etc/listmonk
#Environment=HOME=/usr/bin
# Use systemds ability to disable security-sensitive features
# that listmonk does not explicitly need.
# NoNewPrivileges should be enabled by DynamicUser=yes but systemd-analyze
# still recommended to explicitly enable it.
NoNewPrivileges=True
# listmonk doesnt need any capabilities as defined by the linux kernel
# see: https://man7.org/linux/man-pages/man7/capabilities.7.html
CapabilityBoundingSet=
# listmonk only executes native code with no need for any other ABIs.
SystemCallArchitectures=native
# Make /home/, /root/, and /run/user/ inaccessible.
# ProtectSystem=strict and ProtectHome=read-only are implied by DynamicUser=True
# If you set ExecStartPre=/usr/bin/mkdir -p "listmonk/uploads" to a directory in /home/ or /root/ it will cause uploads to fail
# See https://github.com/knadh/listmonk/issues/843#issuecomment-1836023524
ProtectHome=True
# Make sure files created by listmonk are only readable by itself and
# others in the listmonk system group.
UMask=0027
# listmonk only needs to support the IPv4 and IPv6 address families.
RestrictAddressFamilies=AF_INET AF_INET6
[Install]
WantedBy=multi-user.target
Reference in a new issue View git blame Copy permalink