2023-01-29 19:20:36 +01:00
|
|
|
# This file is shipped as part of the salt-netbox-roleproxy package.
|
|
|
|
# Author: Georg Pfuetzenreuter <mail+rpm@georg-pfuetzenreuter.net>
|
|
|
|
|
|
|
|
[Unit]
|
|
|
|
Description=Salt NetBox Role Proxy
|
|
|
|
|
|
|
|
[Service]
|
2023-01-29 19:38:50 +01:00
|
|
|
User=_roleproxy
|
|
|
|
Group=_roleproxy
|
2023-01-29 19:20:36 +01:00
|
|
|
EnvironmentFile=/etc/sysconfig/roleproxy
|
|
|
|
ExecStart=/usr/local/bin/roleproxy.py
|
|
|
|
ProtectSystem=strict
|
|
|
|
ProtectHome=yes
|
|
|
|
PrivateDevices=yes
|
|
|
|
PrivateTmp=yes
|
|
|
|
PrivateUsers=yes
|
|
|
|
ProtectKernelTunables=yes
|
|
|
|
ProtectKernelLogs=yes
|
|
|
|
ProtectControlGroups=yes
|
|
|
|
RestrictAddressFamilies=AF_INET6 AF_INET
|
|
|
|
SystemCallArchitectures=native
|
|
|
|
SystemCallFilter=@system-service
|
|
|
|
|
|
|
|
[Install]
|
|
|
|
WantedBy=multi-user.target
|