fix install file

author: Nriver 2023-01-09 16:40:10 +0800
committer: Nriver 2023-01-09 16:40:10 +0800
commit: c0a0cd94da02cf7a138eb14de239ad700a0ad67b (patch)
tree: 3aa70f93fe31a5a8f3f4c4d598fb9ae143cd1d78 /trilium-server.service
parent: 549ae3700ca4e6ac8524f8be3781a02ee770eace (diff)
download: aur-c0a0cd94da02cf7a138eb14de239ad700a0ad67b.tar.gz
1 files changed, 40 insertions, 0 deletions
diff --git a/trilium-server.service b/trilium-server.service
new file mode 100644
index 000000000000..2fdbc4617cca
--- /dev/null
+++ b/trilium-server.service
@@ -0,0 +1,40 @@
+[Unit]
+Description=Trilium Notes server daemon
+After=syslog.target network.target
+
+[Service]
+User=triliumserver
+Group=triliumserver
+Type=simple
+Environment=TRILIUM_DATA_DIR=trilium-data/
+ExecStart=./trilium.sh
+WorkingDirectory=/opt/trilium-server
+
+# Security
+ProtectProc=invisible
+ProtectSystem=strict
+ReadWritePaths=/var/lib/trilium-server
+ProtectHome=yes
+PrivateTmp=yes
+PrivateDevices=yes
+PrivateIPC=yes
+PrivateUsers=yes
+ProtectHostname=yes
+ProtectClock=yes
+ProtectKernelTunables=yes
+ProtectKernelModules=yes
+ProtectKernelLogs=yes
+ProtectControlGroups=yes
+RestrictNamespaces=yes
+LockPersonality=yes
+RestrictSUIDSGID=yes
+RemoveIPC=yes
+NoNewPrivileges=yes
+SystemCallArchitectures=native
+
+TimeoutStopSec=20
+# KillMode=process leads to error, according to https://www.freedesktop.org/software/systemd/man/systemd.kill.html
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
+\ No newline at end of file
author	Nriver	2023-01-09 16:40:10 +0800
committer	Nriver	2023-01-09 16:40:10 +0800
commit	c0a0cd94da02cf7a138eb14de239ad700a0ad67b (patch)
tree	3aa70f93fe31a5a8f3f4c4d598fb9ae143cd1d78 /trilium-server.service
parent	549ae3700ca4e6ac8524f8be3781a02ee770eace (diff)
download	aur-c0a0cd94da02cf7a138eb14de239ad700a0ad67b.tar.gz