computernewb/whitelister-eternal
6
0
Fork 0
Code Issues 1 Pull requests Actions Packages Projects Releases Wiki Activity
whitelister-eternal/whitelister.service

27 lines
506 B
Desktop File
Raw Blame History

[Unit]
Description=Whitelister Eternal
[Service]
User=whitelister
Group=whitelister
Restart=always
RestartSec=5
Type=simple
WorkingDirectory=/srv/whitelister
Environment=NODE_ENV=production
ExecStart=/usr/bin/node /srv/whitelister/dist/index.js
MemoryMax=4G
# Hardening
PrivateTmp=yes
NoNewPrivileges=true
RestrictNamespaces=uts ipc pid user cgroup
ProtectKernelTunables=yes
ProtectKernelModules=yes
ProtectControlGroups=yes
PrivateDevices=yes
RestrictSUIDSGID=true
[Install]
WantedBy=multi-user.target
Reference in a new issue View git blame Copy permalink