diff options
Diffstat (limited to 'neo4j.service')
| -rw-r--r-- | neo4j.service | 34 |
1 files changed, 25 insertions, 9 deletions
diff --git a/neo4j.service b/neo4j.service index 879fecb24523..645db72a19d1 100644 --- a/neo4j.service +++ b/neo4j.service @@ -1,16 +1,32 @@ [Unit] -Description=Neo4j +Description=Neo4j Graph Database +After=network-online.target +Wants=network-online.target [Service] +ExecStart=/usr/bin/neo4j console +Restart=on-abnormal User=neo4j -Type=forking -Environment=NEO4J_CONF=/etc/neo4j -Environment=NEO4J_HOME=/usr/share/java/neo4j -Environment=JAVA_HOME=/usr/lib/jvm/java-11-openjdk -ExecStart=/usr/bin/neo4j start -ExecStop=/usr/bin/neo4j stop -PIDFile=/run/neo4j/neo4j.pid -LimitNOFILE=40000 +Group=neo4j +Environment="NEO4J_CONF=/etc/neo4j" "NEO4J_HOME=/var/lib/neo4j" +LimitNOFILE=60000 +TimeoutSec=120 + +# Hardening +PrivateTmp=true +ProtectHome=true +ProtectSystem=full +NoNewPrivileges=true +ProtectControlGroups=true +ProtectKernelModules=true +ProtectKernelTunables=true +PrivateDevices=true +# RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 +RestrictNamespaces=true +RestrictRealtime=true +SystemCallArchitectures=native +ReadOnlyPaths=/ +ReadWritePaths=/var/lib/neo4j /var/log/neo4j [Install] WantedBy=multi-user.target |