2019-08-05 01:29:15 +02:00
|
|
|
[Unit]
|
2021-04-30 13:49:31 +02:00
|
|
|
Description=vaultwarden Server (Rust Edition)
|
|
|
|
|
Documentation=https://github.com/dani-garcia/vaultwarden
|
2019-08-05 01:29:15 +02:00
|
|
|
After=network.target
|
|
|
|
|
|
|
|
|
|
[Service]
|
2021-04-30 13:49:31 +02:00
|
|
|
# The user/group vaultwarden is run under. the working directory (see below) should allow write and read access to this user/group
|
2019-08-05 01:29:15 +02:00
|
|
|
User=__APP__
|
|
|
|
|
Group=__APP__
|
|
|
|
|
# The location of the .env file for configuration
|
2021-04-30 13:49:31 +02:00
|
|
|
EnvironmentFile=__FINALPATH__/live/vaultwarden.env
|
2019-08-05 01:29:15 +02:00
|
|
|
# The location of the compiled binary
|
2021-04-30 13:49:31 +02:00
|
|
|
ExecStart=__FINALPATH__/live/vaultwarden
|
2019-08-05 01:29:15 +02:00
|
|
|
# Set reasonable connection and process limits
|
|
|
|
|
LimitNOFILE=1048576
|
|
|
|
|
LimitNPROC=64
|
2021-04-30 13:49:31 +02:00
|
|
|
# Isolate vaultwarden from the rest of the system
|
2020-01-27 21:42:10 +01:00
|
|
|
PrivateTmp=true
|
|
|
|
|
PrivateDevices=true
|
|
|
|
|
ProtectHome=true
|
|
|
|
|
ProtectSystem=strict
|
2019-08-05 01:29:15 +02:00
|
|
|
# Only allow writes to the following directory and set it to the working directory (user and password data are stored here)
|
|
|
|
|
WorkingDirectory=__FINALPATH__/live/
|
|
|
|
|
ReadWriteDirectories=__FINALPATH__/live/
|
|
|
|
|
|
|
|
|
|
[Install]
|
2020-12-01 22:04:05 +01:00
|
|
|
WantedBy=multi-user.target
|
