Página Principal Explorar Ajuda
Iniciar Sessão
jgf
/
bookwyrm
1
0
Fork 0
Ficheiros Problemas 0 Pull Requests 0 Wiki
Ramo: main
Ramos Etiquetas
bookwyrm
/
contrib
/
systemd
/
bookwyrm-worker.service

bookwyrm-worker.service 980 B
Link permanente Histórico Em bruto

12345678910111213141516171819202122232425262728293031323334 
  1. [Unit]
    2. 

  2. Description=BookWyrm worker
    3. 

  3. After=network.target postgresql.service redis.service
    4. 

  4. 

  5. [Service]
    6. 

  6. User=bookwyrm
    7. 

  7. Group=bookwyrm
    8. 

  8. WorkingDirectory=/opt/bookwyrm
    9. 

  9. ExecStart=/opt/bookwyrm/venv/bin/celery -A celerywyrm worker -l info -Q high_priority,medium_priority,low_priority,streams,images,suggested_users,email,connectors,lists,inbox,imports,import_triggered,broadcast,misc
    10. 

  10. StandardOutput=journal
    11. 

  11. StandardError=inherit
    12. 

  12. ProtectSystem=strict
    13. 

  13. ProtectHome=tmpfs
    14. 

  14. InaccessiblePaths=-/media -/mnt -/srv
    15. 

  15. PrivateTmp=yes
    16. 

  16. TemporaryFileSystem=/var /run /opt
    17. 

  17. PrivateUsers=true
    18. 

  18. PrivateDevices=true
    19. 

  19. BindReadOnlyPaths=/opt/bookwyrm
    20. 

  20. BindPaths=/opt/bookwyrm/images /opt/bookwyrm/static /var/run/postgresql
    21. 

  21. LockPersonality=yes
    22. 

  22. MemoryDenyWriteExecute=true
    23. 

  23. PrivateMounts=true
    24. 

  24. ProtectHostname=true
    25. 

  25. ProtectClock=true
    26. 

  26. ProtectKernelTunables=true
    27. 

  27. ProtectKernelModules=true
    28. 

  28. ProtectKernelLogs=true
    29. 

  29. ProtectControlGroups=true
    30. 

  30. RestrictRealtime=true
    31. 

  31. RestrictNamespaces=net
    32. 

  32. 

  33. [Install]
    34. 

  34. WantedBy=multi-user.target
    35.