authorMarkus Richter2019-01-11 14:09:03 +0100
committerMarkus Richter2019-01-11 14:09:03 +0100
commit5f2e8119dc74e93f8d88816d034d262079c0e541 (patch)
treece094f2e1075a45f4279f8fd54abf5ee4b3c2c52 /bitwarden_rs.service
parent60f27b58114bf52c4f2c75be64a28f87ec6538e7 (diff)
downloadaur-5f2e8119dc74e93f8d88816d034d262079c0e541.tar.gz
fit to upstream, implement workaround for yubikey support not compiling on aarch64
Diffstat (limited to 'bitwarden_rs.service')
-rw-r--r--bitwarden_rs.service7
1 files changed, 7 insertions, 0 deletions
diff --git a/bitwarden_rs.service b/bitwarden_rs.service
index ff6e7a7a8061..458600a27ea6 100644
--- a/bitwarden_rs.service
+++ b/bitwarden_rs.service
@@ -4,18 +4,25 @@ Documentation=https://github.com/dani-garcia/bitwarden_rs
After=network.target
[Service]
+# The user/group bitwarden_rs is run under. the working directory (see below) should allow write and read access to this user/group
User=bitwarden_rs
Group=bitwarden_rs
+# The location of the .env file for configuration
EnvironmentFile=/etc/bitwarden_rs.env
+# The location of the compiled binary
ExecStart=/usr/bin/bitwarden_rs
+# Set reasonable connection and process limits
LimitNOFILE=1048576
LimitNPROC=64
+# Isolate bitwarden_rs from the rest of the system
PrivateTmp=true
PrivateDevices=true
ProtectHome=true
ProtectSystem=strict
+# Only allow writes to the following directory and set it to the working directory (user and password data are stored here)
WorkingDirectory=/var/lib/bitwarden_rs
ReadWriteDirectories=/var/lib/bitwarden_rs
+# Allow bitwarden_rs to bind ports in the range of 0-1024
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
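Review bot: The new comment above `AmbientCapabilities=CAP_NET_BIND_SERVICE` documents the grant, but the [Service] lines visible in this hunk set neither `CapabilityBoundingSet=` nor `NoNewPrivileges=`, so the capability set is widened without being capped. For a service that stores password-vault data I would add `CapabilityBoundingSet=CAP_NET_BIND_SERVICE` and `NoNewPrivileges=true` under the "Isolate bitwarden_rs" block, so the process cannot regain privileges through a setuid or file-capability binary. The comment should also read `# Allow bitwarden_rs to bind privileged ports (below 1024)`, since port 1024 itself needs no capability. Separately, `ReadWriteDirectories=` is the legacy spelling of `ReadWritePaths=`; it is still accepted, but the current name is clearer next to `ProtectSystem=strict`.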