diff options
| -rw-r--r-- | scripts/systemd/gogs.service | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/scripts/systemd/gogs.service b/scripts/systemd/gogs.service index d9f12e30..3a89662a 100644 --- a/scripts/systemd/gogs.service +++ b/scripts/systemd/gogs.service @@ -18,10 +18,13 @@ WorkingDirectory=/home/git/gogs ExecStart=/home/git/gogs/gogs web Restart=always Environment=USER=git HOME=/home/git -# Hardening + +# Some distributions may not support these hardening directives. If you cannot start the service due +# to an unknown option, comment out the ones not supported by your version of systemd. ProtectSystem=full PrivateDevices=yes PrivateTmp=yes +NoNewPrivileges=true [Install] WantedBy=multi-user.target |