34 lines
922 B
SYSTEMD
34 lines
922 B
SYSTEMD
|
[Unit]
|
||
|
Description=Forgejo (Beyond coding. We forge.)
|
||
|
After=network.target
|
||
|
|
||
|
[Service]
|
||
|
# Uncomment the next line if you have repos with lots of files and get a HTTP 500 error because of that
|
||
|
# LimitNOFILE=524288:524288
|
||
|
RestartSec=2s
|
||
|
Type=simple
|
||
|
User=forgejo
|
||
|
Group=forgejo
|
||
|
WorkingDirectory=/var/lib/forgejo/
|
||
|
ExecStart=/usr/bin/forgejo web --config /etc/forgejo/conf/app.ini
|
||
|
Restart=always
|
||
|
Environment=USER=forgejo
|
||
|
Environment=HOME=/usr/share/forgejo
|
||
|
Environment=GITEA_WORK_DIR=/var/lib/forgejo
|
||
|
Environment=GITEA_CUSTOM=/etc/forgejo
|
||
|
# added automatically, for details please see
|
||
|
# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
|
||
|
ProtectHome=true
|
||
|
PrivateDevices=true
|
||
|
ProtectHostname=true
|
||
|
ProtectClock=true
|
||
|
ProtectKernelTunables=true
|
||
|
ProtectKernelModules=true
|
||
|
ProtectKernelLogs=true
|
||
|
ProtectControlGroups=true
|
||
|
RestrictRealtime=true
|
||
|
# end of automatic additions
|
||
|
|
||
|
[Install]
|
||
|
WantedBy=multi-user.target
|