summaryrefslogtreecommitdiffstats
path: root/roleproxy.service
diff options
context:
space:
mode:
authorGeorg Pfuetzenreuter2023-01-29 19:20:36 +0100
committerGeorg Pfuetzenreuter2023-01-29 19:21:46 +0100
commit4923b43fed1aa3fa8a696cd44b12d0a3ec554f6c (patch)
tree95e42075b23665159b197e54094007086d00ee59 /roleproxy.service
downloadsalt-netbox-roleproxy-4923b43fed1aa3fa8a696cd44b12d0a3ec554f6c.tar.gz
salt-netbox-roleproxy-4923b43fed1aa3fa8a696cd44b12d0a3ec554f6c.tar.bz2
salt-netbox-roleproxy-4923b43fed1aa3fa8a696cd44b12d0a3ec554f6c.zip
Init
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
Diffstat (limited to 'roleproxy.service')
-rw-r--r--roleproxy.service24
1 files changed, 24 insertions, 0 deletions
diff --git a/roleproxy.service b/roleproxy.service
new file mode 100644
index 0000000..2c53b28
--- /dev/null
+++ b/roleproxy.service
@@ -0,0 +1,24 @@
+# This file is shipped as part of the salt-netbox-roleproxy package.
+# Author: Georg Pfuetzenreuter <mail+rpm@georg-pfuetzenreuter.net>
+
+[Unit]
+Description=Salt NetBox Role Proxy
+
+[Service]
+User=roleproxy
+EnvironmentFile=/etc/sysconfig/roleproxy
+ExecStart=/usr/local/bin/roleproxy.py
+ProtectSystem=strict
+ProtectHome=yes
+PrivateDevices=yes
+PrivateTmp=yes
+PrivateUsers=yes
+ProtectKernelTunables=yes
+ProtectKernelLogs=yes
+ProtectControlGroups=yes
+RestrictAddressFamilies=AF_INET6 AF_INET
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+
+[Install]
+WantedBy=multi-user.target