summarylogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatt Cuneo2024-01-10 00:41:52 +1100
committerMatt Cuneo2024-01-10 00:41:52 +1100
commitce749e1106423be4d0570d86cb4ff05fb604b3fa (patch)
tree661327146b43e8fe70c45f18dad61d016e543227
parent6d086a05b4a992ce9410b6809e78155cce4d999c (diff)
downloadaur-ce749e1106423be4d0570d86cb4ff05fb604b3fa.tar.gz
make systemd unit work
-rw-r--r--.SRCINFO8
-rw-r--r--PKGBUILD8
-rw-r--r--systemd-worker.service1
-rw-r--r--systemd.service7
-rw-r--r--sysusers.conf2
-rw-r--r--tmpfiles.conf5
6 files changed, 15 insertions, 16 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 416a57419483..80a2708a7114 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -17,9 +17,9 @@ pkgbase = matrix-authentication-service-git
source = systemd.service
source = systemd-worker.service
b2sums = SKIP
- b2sums = f6ffc73dfaca2ffdc3551071dfc31f94bae50393d9609bc4498901c87750560e31cf14bdeb00474d8bc51b175468501f3ad0f015ce242c5a4c571eb94ed9a851
- b2sums = 7fdd9c3762be351b9fa9948b247af9520b17bdcf8a92849a83479ca8f24dde3e56404eee24b9a05380491a63c4be55b0ceecdcc25e5de6febc5d1bce727df1ab
- b2sums = 12fc99503d5b9a8aa1620cb373c1092a87a0afb31ba90193e6ed7a1dd4a907f5a472539b1c2103bd9164a135f7dbd84bb7a1bd97bb562b620b138116e1e19438
- b2sums = 5ed32f353509fd1d727abb1e70ff7fdf7eab02891e28c08c567f781e1a0ee306264761a8d8d59a46caebab60076bf8ac8bf8f73d0c622cc8a23d650943f87885
+ b2sums = e32a10d979cb385be8191ac29096ff25ea6233f693a5ec0aaf3eff76411aca4bd9298dfe36585da36f2128cf2f2e48878ffcf2c5a44452d86970e57ee77098d3
+ b2sums = ea50947ebff8eb1c174d0037ba11a6b1c9b22caf55025cbe9afb1c9055c2ead02923298e1301a6187eb4484179a88ec630469ebcbdcce0d8da8ae29b2fca1c23
+ b2sums = fd206cf9fbe26f3509053f3893066c6368024e8569194981085aff7bdbe65ecdcdd4384a5ba8119e1e6114eb576b9c683552c09f865f09e5171feecf3f0254f3
+ b2sums = 39ba8399ca52b5bc5984f4fd426f812d6017a096368b3e63e16c0d9a0a2ec695b02b418b821adc62fb29609803355a1f673da3be7af5d9436e3c49e461d7d049
pkgname = matrix-authentication-service-git
diff --git a/PKGBUILD b/PKGBUILD
index eb3ba28321fa..c9a426f09b03 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -24,10 +24,10 @@ source=(
systemd-worker.service
)
b2sums=('SKIP'
- 'f6ffc73dfaca2ffdc3551071dfc31f94bae50393d9609bc4498901c87750560e31cf14bdeb00474d8bc51b175468501f3ad0f015ce242c5a4c571eb94ed9a851'
- '7fdd9c3762be351b9fa9948b247af9520b17bdcf8a92849a83479ca8f24dde3e56404eee24b9a05380491a63c4be55b0ceecdcc25e5de6febc5d1bce727df1ab'
- '12fc99503d5b9a8aa1620cb373c1092a87a0afb31ba90193e6ed7a1dd4a907f5a472539b1c2103bd9164a135f7dbd84bb7a1bd97bb562b620b138116e1e19438'
- '5ed32f353509fd1d727abb1e70ff7fdf7eab02891e28c08c567f781e1a0ee306264761a8d8d59a46caebab60076bf8ac8bf8f73d0c622cc8a23d650943f87885')
+ 'e32a10d979cb385be8191ac29096ff25ea6233f693a5ec0aaf3eff76411aca4bd9298dfe36585da36f2128cf2f2e48878ffcf2c5a44452d86970e57ee77098d3'
+ 'ea50947ebff8eb1c174d0037ba11a6b1c9b22caf55025cbe9afb1c9055c2ead02923298e1301a6187eb4484179a88ec630469ebcbdcce0d8da8ae29b2fca1c23'
+ 'fd206cf9fbe26f3509053f3893066c6368024e8569194981085aff7bdbe65ecdcdd4384a5ba8119e1e6114eb576b9c683552c09f865f09e5171feecf3f0254f3'
+ '39ba8399ca52b5bc5984f4fd426f812d6017a096368b3e63e16c0d9a0a2ec695b02b418b821adc62fb29609803355a1f673da3be7af5d9436e3c49e461d7d049')
pkgver() {
cd "$_pkgname"
printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)"
diff --git a/systemd-worker.service b/systemd-worker.service
index 267019203af0..448a1340799d 100644
--- a/systemd-worker.service
+++ b/systemd-worker.service
@@ -4,6 +4,7 @@ After=network.target
[Service]
User=mas
+Environment=HOME=/var/lib/matrix-authentication-service
WorkingDirectory=/usr/share/matrix-authentication-service
ExecStart=/usr/bin/mas-cli worker -c /etc/matrix-authentication-service/config.yaml
Restart=on-failure
diff --git a/systemd.service b/systemd.service
index f6f952f6f66f..6398ada48785 100644
--- a/systemd.service
+++ b/systemd.service
@@ -4,15 +4,10 @@ After=network.target
[Service]
User=mas
+Environment=HOME=/var/lib/matrix-authentication-service
WorkingDirectory=/usr/share/matrix-authentication-service
ExecStart=/usr/bin/mas-cli server --migrate --no-worker -c /etc/matrix-authentication-service/config.yaml
Restart=on-failure
-# Hardening
-ProtectSystem=yes
-PrivateTmp=true
-MemoryDenyWriteExecute=true
-NoNewPrivileges=true
-
[Install]
WantedBy=multi-user.target
diff --git a/sysusers.conf b/sysusers.conf
index 762a4d572614..17031cd327f6 100644
--- a/sysusers.conf
+++ b/sysusers.conf
@@ -1 +1 @@
-u mas - "Matrix authentication proxy user"
+u mas - "Matrix authentication proxy user" /var/lib/matrix-authentication-service
diff --git a/tmpfiles.conf b/tmpfiles.conf
index af0f26136a31..37bd0bcfb23d 100644
--- a/tmpfiles.conf
+++ b/tmpfiles.conf
@@ -1 +1,4 @@
-z /etc/matrix-authentication-proxy/config.yaml 0640
+z /etc/matrix-authentication-service/config.yaml 0640
+d /var/lib/matrix-authentication-service 0755 mas mas
+d /usr/share/matrix-authentication-service 0755 mas mas
+