msfjarvis/server-config
1
Fork 0
mirror of https://github.com/msfjarvis/server-config synced 2025-08-13 22:57:01 +05:30
Code Issues Projects Releases Packages Wiki Activity Actions
server-config/systemd_units/goaccess.service
Harsh Shandilya e40c2c999b
systemd: Sync security options across units 
Signed-off-by: Harsh Shandilya <msfjarvis@gmail.com>
2020-01-09 09:04:26 +05:30

31 lines
817 B
Desktop File
Raw Blame History

[Unit]
Description=goaccess: real-time web log analyzer
After=syslog.target
After=network.target
[Service]
LimitMEMLOCK=infinity
LimitNOFILE=65535
RestartSec=2s
Type=simple
User=caddy
Group=caddy
ExecStart=/usr/bin/goaccess --log-format=VCOMMON --ws-url=wss://stats.msfjarvis.dev/ws --output=/var/www/stats.msfjarvis.dev/index.html --log-file=/etc/logs/requests.log --no-query-string --anonymize-ip --double-decode --real-os --compression=zlib --real-time-html
Restart=always
# Security
PrivateTmp=true
ProtectSystem=full
ProtectHome=true
NoNewPrivileges=true
ProtectControlGroups=true
ProtectKernelModules=true
ProtectKernelTunables=true
PrivateDevices=true
RestrictAddressFamilies=AF_INET AF_INET6
RestrictNamespaces=true
RestrictRealtime=true
SystemCallArchitectures=native
[Install]
WantedBy=multi-user.target
Reference in a new issue View git blame Copy permalink