Init

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
author: Georg Pfuetzenreuter 2023-01-29 19:20:36 +0100
committer: Georg Pfuetzenreuter 2023-01-29 19:21:46 +0100
commit: 4923b43fed1aa3fa8a696cd44b12d0a3ec554f6c (patch)
tree: 95e42075b23665159b197e54094007086d00ee59 /roleproxy.service
download: salt-netbox-roleproxy-4923b43fed1aa3fa8a696cd44b12d0a3ec554f6c.tar.gz
salt-netbox-roleproxy-4923b43fed1aa3fa8a696cd44b12d0a3ec554f6c.tar.bz2
salt-netbox-roleproxy-4923b43fed1aa3fa8a696cd44b12d0a3ec554f6c.zip
1 files changed, 24 insertions, 0 deletions
diff --git a/roleproxy.service b/roleproxy.service
new file mode 100644
index 0000000..2c53b28
--- /dev/null
+++ b/roleproxy.service
@@ -0,0 +1,24 @@
+# This file is shipped as part of the salt-netbox-roleproxy package.
+# Author: Georg Pfuetzenreuter <mail+rpm@georg-pfuetzenreuter.net>
+
+[Unit]
+Description=Salt NetBox Role Proxy
+
+[Service]
+User=roleproxy
+EnvironmentFile=/etc/sysconfig/roleproxy
+ExecStart=/usr/local/bin/roleproxy.py
+ProtectSystem=strict
+ProtectHome=yes
+PrivateDevices=yes
+PrivateTmp=yes
+PrivateUsers=yes
+ProtectKernelTunables=yes
+ProtectKernelLogs=yes
+ProtectControlGroups=yes
+RestrictAddressFamilies=AF_INET6 AF_INET
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+
+[Install]
+WantedBy=multi-user.target
author	Georg Pfuetzenreuter	2023-01-29 19:20:36 +0100
committer	Georg Pfuetzenreuter	2023-01-29 19:21:46 +0100
commit	4923b43fed1aa3fa8a696cd44b12d0a3ec554f6c (patch)
tree	95e42075b23665159b197e54094007086d00ee59 /roleproxy.service
download	salt-netbox-roleproxy-4923b43fed1aa3fa8a696cd44b12d0a3ec554f6c.tar.gz salt-netbox-roleproxy-4923b43fed1aa3fa8a696cd44b12d0a3ec554f6c.tar.bz2 salt-netbox-roleproxy-4923b43fed1aa3fa8a696cd44b12d0a3ec554f6c.zip