mirror of
https://github.com/OpenNebula/one.git
synced 2025-01-06 13:17:42 +03:00
36 lines
998 B
Desktop File
36 lines
998 B
Desktop File
[Unit]
|
|
Description=OpenNebula Web UI Server
|
|
After=syslog.target network.target
|
|
After=opennebula.service
|
|
Wants=opennebula-novnc.service
|
|
AssertFileNotEmpty=/var/lib/one/.one/sunstone_auth
|
|
|
|
[Service]
|
|
Type=simple
|
|
Group=oneadmin
|
|
User=oneadmin
|
|
ExecStartPre=-/usr/sbin/logrotate -f /etc/logrotate.d/opennebula-sunstone -s /var/lib/one/.logrotate.status
|
|
ExecStart=/usr/bin/ruby /usr/lib/one/sunstone/sunstone-server.rb
|
|
ReadWriteDirectories=/var/lib/one /var/log/one/
|
|
ReadOnlyDirectories=-/var/lib/one/remotes
|
|
InaccessibleDirectories=-/var/lib/one/datastores
|
|
ReadWriteDirectories=/var/tmp
|
|
PrivateTmp=no
|
|
NoNewPrivileges=yes
|
|
PrivateDevices=yes
|
|
# ProtectSystem=strict is not known by old systemd, so we set
|
|
# full everywhere, and override by strict only where supported.
|
|
ProtectSystem=full
|
|
ProtectSystem=strict
|
|
ProtectHome=yes
|
|
ProtectKernelTunables=yes
|
|
ProtectKernelModules=yes
|
|
ProtectKernelLogs=yes
|
|
StartLimitInterval=60
|
|
StartLimitBurst=3
|
|
Restart=on-failure
|
|
RestartSec=5
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|