diff options
-rw-r--r-- | .SRCINFO | 2 | ||||
-rw-r--r-- | PKGBUILD | 15 | ||||
-rw-r--r-- | prosody.install | 3 | ||||
-rw-r--r-- | prosody.service | 66 |
4 files changed, 67 insertions, 19 deletions
@@ -32,7 +32,7 @@ pkgbase = prosody-hg sha256sums = SKIP sha256sums = f8612ba5d92fdae8fffe826b3248452d25315af15b1c8f1874f68bbfaeaab055 sha256sums = e5c30ffbb066f0ed3444475b3313490c535d8c9df018726f6cecf9e3ddfd2e48 - sha256sums = af4ce76ae0a8773429eac53c72f1b87c8fa59c63acf003450f75dcb73131a21c + sha256sums = f2ba8da777d660361a4fbe5d80e8e5855e07052ad67d7534413d39b4cbddaa1d pkgname = prosody-hg @@ -48,19 +48,6 @@ prepare() { sed -i s/"error = "/"-- error = "/g prosody.cfg.lua.dist sed -i s/"--\ \"\*syslog\"\;"/"\"*syslog\"\;"/g prosody.cfg.lua.dist - - # add pidfile and daemonize - # daemonize is important for systemd! - mv prosody.cfg.lua.dist prosody.cfg.lua.old - - echo --Important for systemd >> prosody.cfg.lua.dist - echo -- daemonize is important for systemd. if you set this to false the systemd startup will freeze. >> prosody.cfg.lua.dist - echo daemonize = true >> prosody.cfg.lua.dist - echo 'pidfile = "/run/prosody/prosody.pid"'>> prosody.cfg.lua.dist - echo "" >> prosody.cfg.lua.dist - cat prosody.cfg.lua.old >> prosody.cfg.lua.dist - rm prosody.cfg.lua.old - ./configure --ostype=linux --prefix=/usr --sysconfdir=/etc/prosody \ --datadir=/var/lib/prosody --with-lua-include=/usr/include/lua5.2 \ --cflags="${CFLAGS} -fPIC -Wall -Wextra -D_GNU_SOURCE" \ @@ -102,4 +89,4 @@ package() { sha256sums=('SKIP' 'f8612ba5d92fdae8fffe826b3248452d25315af15b1c8f1874f68bbfaeaab055' 'e5c30ffbb066f0ed3444475b3313490c535d8c9df018726f6cecf9e3ddfd2e48' - 'af4ce76ae0a8773429eac53c72f1b87c8fa59c63acf003450f75dcb73131a21c') + 'f2ba8da777d660361a4fbe5d80e8e5855e07052ad67d7534413d39b4cbddaa1d') diff --git a/prosody.install b/prosody.install index 989da11b417f..842a5f470980 100644 --- a/prosody.install +++ b/prosody.install @@ -1,5 +1,8 @@ post_install() { echo ">> Documentation: https://wiki.archlinux.org/index.php/Prosody" + echo + echo ">> The unit file has been changed to Type=simple. " + echo ">> You need to change the configuration back to daemonize=false (prosody default)." } post_upgrade() { diff --git a/prosody.service b/prosody.service index ba78f64bc9e5..fae82ab2f272 100644 --- a/prosody.service +++ b/prosody.service @@ -1,15 +1,73 @@ [Unit] Description=XMPP (Jabber) Server +Documentation=https://prosody.im/doc After=network.target [Service] -Type=forking -PIDFile=/run/prosody/prosody.pid -ExecStart=/usr/bin/prosodyctl start -ExecStop=/usr/bin/prosodyctl stop +### See man systemd.service ### +# With this configuration, systemd takes care of daemonization +# so Prosody should be configured with daemonize = false +Type=simple + +# Not sure if this is needed for 'simple' +PIDFile=/var/run/prosody/prosody.pid + +# Start by executing the main executable +ExecStart=/usr/bin/prosody + ExecReload=/bin/kill -HUP $MAINPID +# Restart on crashes +Restart=on-abnormal + +# Set O_NONBLOCK flag on sockets passed via socket activation +NonBlocking=true + +### See man systemd.exec ### + +WorkingDirectory=/var/lib/prosody + +User=prosody +Group=jabber + +Umask=0027 + +# Nice=0 + +# Set stdin to /dev/null since Prosody does not need it +StandardInput=null + +# Direct stdout/-err to journald for use with log = "*stdout" StandardOutput=journal +StandardError=inherit + +# This usually defaults to 4k or so +# LimitNOFILE=1M + +## Interesting protection methods +# Finding a useful combo of these settings would be nice +# +# Needs read access to /etc/prosody for config +# Needs write access to /var/lib/prosody for storing data (for internal storage) +# Needs write access to /var/log/prosody for writing logs (depending on config) +# Needs read access to code and libraries loaded + +# ReadWriteDirectories=/var/lib/prosody /var/log/prosody +# InaccessibleDirectories=/boot /home /media /mnt /root /srv +# ReadOnlyDirectories=/usr /etc/prosody + +# PrivateTmp=true +# PrivateDevices=true +# PrivateNetwork=false + +# ProtectSystem=full +# ProtectHome=true +# ProtectKernelTunables=true +# ProtectControlGroups=true +# SystemCallFilter= + +# This should break LuaJIT +# MemoryDenyWriteExecute=true [Install] WantedBy=multi-user.target |