From f7b81fac248b89d2f91809366ef5af47d6fa095b Mon Sep 17 00:00:00 2001 From: Limezy Date: Tue, 30 Aug 2022 11:45:03 +0700 Subject: [PATCH] First step fix --- conf/systemd.service | 11 +++++++++++ manifest.json | 4 ++-- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/conf/systemd.service b/conf/systemd.service index 98825c1..5449833 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -6,6 +6,17 @@ After=network.target Type=simple User=__APP__ Group=__APP__ + +# Have all filesystem look like invisible for the service +TemporaryFileSystem=/:ro + +# Manually mount what is needed for the service to run +# Ref: https://www.sherbers.de/use-temporaryfilesystem-to-hide-files-or-directories-from-systemd-services/ + +BindReadOnlyPaths=/lib/ /lib64/ /usr/lib/ /usr/lib64/ /etc/ld.so.cache /etc/ld.so.conf /etc/ld.so.conf.d/ /etc/bindresvport.blacklist /usr/share/zoneinfo/ /usr/share/locale/ /etc/localtime /usr/share/common-licenses/ /etc/ssl/certs/ /etc/alternatives/ +BindReadOnlyPaths=/dev/log /run/systemd/journal/socket /run/systemd/journal/stdout /run/systemd/notify +BindPaths=/var/www/photoprism /var/www/photoprism/live/bin /home/yunohost.app/photoprism /usr /etc /var /home /dev /etc /usr /media /mnt /opt /proc /run /srv /sys /tmp + EnvironmentFile=__FINALPATH__/.env WorkingDirectory=__FINALPATH__/live/bin ExecStart=__FINALPATH__/live/bin/photoprism --trace start diff --git a/manifest.json b/manifest.json index d2784aa..83d9ddc 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "AI-Powered Photos App for the Decentralized Web", "fr": "Gestion de photos en ligne" }, - "version": "2022.07.30~ynh2", + "version": "2022.07.30~ynh3", "url": "photoprism.app", "upstream": { "license": "AGPL-3.0-only", @@ -21,7 +21,7 @@ "name": "Thovi98" }, "requirements": { - "yunohost": ">= 4.3.6.2" + "yunohost": ">= 11.0.9.12" }, "multi_instance": true, "services": [