msfjarvis/server-config
1
Fork 0
mirror of https://github.com/msfjarvis/server-config synced 2025-08-15 20:17:00 +05:30
Code Issues Projects Releases Packages Wiki Activity Actions
server-config/c9.service
Harsh Shandilya 3c4bef4409
c9: Sync some security settings with caddy upstream 
Signed-off-by: Harsh Shandilya <harsh@prjkt.io>
2018-02-15 00:05:38 +05:30

28 lines
No EOL
842 B
Desktop File
Raw Blame History

[Unit]
Description=cloud9 local IDE
After=network.target
[Service]
Restart=on-abort
Type=simple
User=msfjarvis
WorkingDirectory=/home/msfjarvis
ExecStart=/usr/bin/node /etc/caddy/core/server.js -p 8080 -a : -w ~/
ExecReload=/bin/kill -USR1 $MAINPID
; Use graceful shutdown with a reasonable timeout
KillMode=mixed
KillSignal=SIGQUIT
TimeoutStopSec=5s
; Use private /tmp and /var/tmp, which are discarded after caddy stops.
PrivateTmp=true
; Use a minimal /dev (May bring additional security if switched to 'true', but it may not work on Raspberry Pi's or other devices, so it has been disabled in this dist.)
PrivateDevices=false
; Hide /home, /root, and /run/user. Nobody will steal your SSH-keys.
ProtectHome=true
; Make /usr, /boot, /etc and possibly some more folders read-only.
ProtectSystem=full
[Install]
WantedBy=multi-user.target
Reference in a new issue View git blame Copy permalink