msfjarvis/server-config
1
Fork 0
mirror of https://github.com/msfjarvis/server-config synced 2025-08-14 12:57:00 +05:30
Code Issues Projects Releases Packages Wiki Activity Actions

Allow home access to c9 and jarvis-bot

Browse source 
c9 _is_ run inside /home/msfjarvis and jarvis-bot dumps
temp data in it's home in /home/bot/jarvis-ci-bot

Signed-off-by: Harsh Shandilya <harsh@prjkt.io>
This commit is contained in:
Harsh Shandilya 2018-02-14 23:41:12 +05:30
parent 3c4bef4409
commit 7c17937d4b
No known key found for this signature in database
GPG key ID: 4AD75758D9EE741C
2 changed files with 0 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
c9.service
View file

@ -19,8 +19,6 @@ TimeoutStopSec=5s
PrivateTmp=true PrivateTmp=true
; Use a minimal /dev (May bring additional security if switched to 'true', but it may not work on Raspberry Pi's or other devices, so it has been disabled in this dist.) ; Use a minimal /dev (May bring additional security if switched to 'true', but it may not work on Raspberry Pi's or other devices, so it has been disabled in this dist.)
PrivateDevices=false PrivateDevices=false
; Hide /home, /root, and /run/user. Nobody will steal your SSH-keys.
ProtectHome=true
; Make /usr, /boot, /etc and possibly some more folders read-only. ; Make /usr, /boot, /etc and possibly some more folders read-only.
ProtectSystem=full ProtectSystem=full

2
jarvis-bot.service
View file

@ -19,8 +19,6 @@ TimeoutStopSec=5s
PrivateTmp=true PrivateTmp=true
; Use a minimal /dev (May bring additional security if switched to 'true', but it may not work on Raspberry Pi's or other devices, so it has been disabled in this dist.) ; Use a minimal /dev (May bring additional security if switched to 'true', but it may not work on Raspberry Pi's or other devices, so it has been disabled in this dist.)
PrivateDevices=false PrivateDevices=false
; Hide /home, /root, and /run/user. Nobody will steal your SSH-keys.
ProtectHome=true
; Make /usr, /boot, /etc and possibly some more folders read-only. ; Make /usr, /boot, /etc and possibly some more folders read-only.
ProtectSystem=full ProtectSystem=full