add existing pkgbuilds

author: metamuffin <metamuffin@disroot.org> 2024-10-12 16:39:21 +0200
committer: metamuffin <metamuffin@disroot.org> 2024-10-12 16:39:21 +0200
commit: a9fd82ae18eb67f6288d46d40bc893598922d181 (patch)
tree: 0f8f2d2cef42fcac145d5beb097e76197bc6f232 /gpn-tron-git/gpn-tron.service
download: pkgbuilds-a9fd82ae18eb67f6288d46d40bc893598922d181.tar
pkgbuilds-a9fd82ae18eb67f6288d46d40bc893598922d181.tar.bz2
pkgbuilds-a9fd82ae18eb67f6288d46d40bc893598922d181.tar.zst
1 files changed, 32 insertions, 0 deletions
diff --git a/gpn-tron-git/gpn-tron.service b/gpn-tron-git/gpn-tron.service
new file mode 100644
index 0000000..93e353d
--- /dev/null
+++ b/gpn-tron-git/gpn-tron.service
@@ -0,0 +1,32 @@
+[Unit]
+Description=GPN-Tron Rust rewrite
+After=network.target
+Wants=network-online.target
+
+[Service]
+ExecStart=/usr/bin/gpn-tron /etc/gpn-tron.toml
+User=gpn-tron
+LockPersonality=yes
+MemoryDenyWriteExecute=yes
+NoNewPrivileges=yes
+PrivateDevices=true
+PrivateTmp=true
+ProtectClock=yes
+ProtectControlGroups=yes
+ProtectHome=true
+ProtectHostname=yes
+ProtectKernelLogs=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+ProtectSystem=full
+RestrictAddressFamilies=~AF_PACKET AF_NETLINK
+RestrictNamespaces=yes
+RestrictSUIDSGID=yes
+RestrictRealtime=yes
+Restart=always
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+Type=simple
+
+[Install]
+WantedBy=multi-user.target
author	metamuffin <metamuffin@disroot.org>	2024-10-12 16:39:21 +0200
committer	metamuffin <metamuffin@disroot.org>	2024-10-12 16:39:21 +0200
commit	a9fd82ae18eb67f6288d46d40bc893598922d181 (patch)
tree	0f8f2d2cef42fcac145d5beb097e76197bc6f232 /gpn-tron-git/gpn-tron.service
download	pkgbuilds-a9fd82ae18eb67f6288d46d40bc893598922d181.tar pkgbuilds-a9fd82ae18eb67f6288d46d40bc893598922d181.tar.bz2 pkgbuilds-a9fd82ae18eb67f6288d46d40bc893598922d181.tar.zst