2015-06-09 12:43:30 +02:00
|
|
|
[Unit]
|
|
|
|
Description=Gunicorn server running Mozilla's Firefox Sync Server - Version 1.5
|
|
|
|
After=network.target
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
Type=simple
|
2017-01-07 00:06:16 +01:00
|
|
|
ExecStart=/opt/mozilla-firefox-sync-server/local/bin/gunicorn --paste /opt/mozilla-firefox-sync-server/syncserver.ini
|
|
|
|
Restart=on-abort
|
|
|
|
|
2015-06-09 12:43:30 +02:00
|
|
|
User=ffsync
|
|
|
|
Group=http
|
|
|
|
UMask=007
|
2017-01-07 00:06:16 +01:00
|
|
|
|
|
|
|
NoNewPrivileges=yes
|
|
|
|
|
|
|
|
PrivateTmp=yes
|
|
|
|
PrivateDevices=yes
|
|
|
|
|
|
|
|
ProtectSystem=full
|
|
|
|
ProtectHome=yes
|
|
|
|
|
|
|
|
SystemCallArchitectures=native
|
|
|
|
SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io
|
|
|
|
|
|
|
|
CapabilityBoundingSet=
|
|
|
|
AmbientCapabilities=
|
2015-06-09 12:43:30 +02:00
|
|
|
|
|
|
|
[Install]
|
|
|
|
WantedBy=multi-user.target
|