Fix and update package according to Rust package guidelines

The config file has moved from /etc/matrix-conduit/conduit.toml to
/etc/conduwuit/conduwuit.toml.

1 files changed, 60 insertions, 0 deletions

diff --git a/conduwuit.service b/conduwuit.service
new file mode 100644
index 000000000000..edde1a7ce51f
--- /dev/null
+++ b/conduwuit.service
@@ -0,0 +1,60 @@
+[Unit]
+Description=conduwuit Matrix homeserver
+After=network-online.target
+
+[Service]
+DynamicUser=yes
+User=_conduwuit
+Group=_conduwuit
+Type=notify
+
+AmbientCapabilities=
+CapabilityBoundingSet=
+
+DevicePolicy=closed
+LockPersonality=yes
+MemoryDenyWriteExecute=yes
+NoNewPrivileges=yes
+ProcSubset=pid
+ProtectClock=yes
+ProtectControlGroups=yes
+ProtectHome=yes
+ProtectHostname=yes
+ProtectKernelLogs=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+ProtectProc=invisible
+ProtectSystem=strict
+PrivateDevices=yes
+PrivateMounts=yes
+PrivateTmp=yes
+PrivateUsers=yes
+PrivateIPC=yes
+RemoveIPC=yes
+RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
+RestrictNamespaces=yes
+RestrictRealtime=yes
+RestrictSUIDSGID=yes
+SystemCallArchitectures=native
+SystemCallFilter=@system-service @resources
+SystemCallFilter=~@clock @debug @module @mount @reboot @swap @cpu-emulation @obsolete @timer @chown @setuid @privileged @keyring @ipc
+SystemCallErrorNumber=EPERM
+StateDirectory=matrix-conduit
+
+RuntimeDirectory=conduwuit
+RuntimeDirectoryMode=0750
+
+Environment="CONDUIT_CONFIG=/etc/conduwuit/conduwuit.toml"
+
+ExecStart=/usr/bin/conduwuit
+Restart=on-failure
+RestartSec=5
+
+TimeoutStopSec=4m
+TimeoutStartSec=4m
+
+StartLimitInterval=1m
+StartLimitBurst=5
+
+[Install]
+WantedBy=multi-user.target