master
Raw Download raw file 
 1[Unit]
 2Description=pocket-id
 3After=network.target
 4Wants=network.target
 5
 6[Service]
 7Type=simple
 8User=pocketid
 9Group=pocketid
10
11# Creates /run/pocket-id owned by pocketid:pocketid 
12RuntimeDirectory=pocket-id
13RuntimeDirectoryMode=0750
14EnvironmentFile=/etc/pocket-id/env
15WorkingDirectory=/var/lib/pocket-id
16ExecStart=/usr/local/bin/pocket-id
17
18Restart=on-failure
19RestartSec=2
20
21# Hardening 
22NoNewPrivileges=true
23PrivateTmp=true
24ProtectSystem=strict
25ProtectHome=true
26ReadWritePaths=/run/pocket-id /var/lib/pocket-id
27
28[Install]
29WantedBy=multi-user.target