diff options
| author | etckeeper | 2022-05-19 16:32:27 +0200 |
|---|---|---|
| committer | etckeeper | 2022-05-19 16:32:27 +0200 |
| commit | 2f6449b60972fc5d1c684c3ad8af3b7246801bb1 (patch) | |
| tree | d25004ee4d7dd9d62c59067ab6472d4727dd935a | |
| parent | cec5d8f984085c7ee43296f5a4275beaf0e8376c (diff) | |
| download | aur-2f6449b60972fc5d1c684c3ad8af3b7246801bb1.tar.gz | |
hardened more the .service files
updated post-install instructions to suggest to customize the service
changed order of deleting old installations vs upgrading to leave the old installation in if the upgrade fails
| -rw-r--r-- | .SRCINFO | 2 | ||||
| -rw-r--r-- | PKGBUILD | 2 | ||||
| -rw-r--r-- | hass-update.service | 9 | ||||
| -rw-r--r-- | hass.install | 1 | ||||
| -rw-r--r-- | hass.service | 1 |
5 files changed, 10 insertions, 5 deletions
@@ -1,6 +1,6 @@ pkgbase = home-assistant-service-pip pkgdesc = Self installing package of Home Assistant using pip - pkgver = 2 + pkgver = 3 pkgrel = 1 url = https://home-assistant.io/ install = hass.install @@ -1,7 +1,7 @@ pkgname=home-assistant-service-pip _serviceName=hass pkgdesc='Self installing package of Home Assistant using pip' -pkgver=2 +pkgver=3 pkgrel=1 arch=('any') url='https://home-assistant.io/' diff --git a/hass-update.service b/hass-update.service index faf71d0e442a..33bbfe75fca4 100644 --- a/hass-update.service +++ b/hass-update.service @@ -12,6 +12,9 @@ WorkingDirectory=~ EnvironmentFile=-/etc/hass.env Type=oneshot +# upgrade home assistant and all its necessary libs +ExecStart=pip install --no-warn-script-location --user --upgrade homeassistant + # delete old python version libraries in the venv ExecStart=sh -c '\ find \ @@ -20,9 +23,6 @@ $(python -c "import os.path as path; import site; print(path.dirname(path.dirnam -print0 \ | xargs --no-run-if-empty -0 rm --verbose --recursive' -# upgrade home assistant and all its necessary libs -ExecStart=pip install --no-warn-script-location --user --upgrade homeassistant - LockPersonality=true RestrictRealtime=true RestrictSUIDSGID=true @@ -30,6 +30,9 @@ ProtectControlGroups=true ProtectKernelModules=true ProtectKernelTunables=true PrivateMounts=true +PrivateTmp=true +ProtectSystem=full +PrivateDevices=true [Install] WantedBy=multi-user.target diff --git a/hass.install b/hass.install index 5dfba4a3fc1d..77d21dba9769 100644 --- a/hass.install +++ b/hass.install @@ -2,6 +2,7 @@ post-install() { cat - <<- 'EOF' This package installs a hass.service and a hass-update.service to manage the Home Assistant installation. You can ( and should ) configure the parameters for native modules compilation at /etc/hass.env. + Any customization to the service, such as granting bluetooth capabilities, can be done using # systemctl edit hass. Auto update and installation of Home Assistant is handled before service launch/restart, it may take a while, especially the first time. EOF }
\ No newline at end of file diff --git a/hass.service b/hass.service index 9430597e1c29..46e9c29ee1f8 100644 --- a/hass.service +++ b/hass.service @@ -27,6 +27,7 @@ ProtectControlGroups=true ProtectKernelModules=true ProtectKernelTunables=true PrivateMounts=true +ProtectSystem=full [Install] |