Created
May 8, 2020 18:11
-
-
Save emilazy/53b81dc6ae809754371a1d8b1b7f0a7d to your computer and use it in GitHub Desktop.
systemctl {cat,show} acme-dns.service
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# /nix/store/p1nv22819nyg9vyd0dpkk3fdvjax7r02-unit-acme-dns.service/acme-dns.service | |
[Unit] | |
After=network-online.target | |
Description=acme-dns server | |
[Service] | |
Environment="LOCALE_ARCHIVE=/nix/store/9b725cly2a6a61vb8bgz7cyr0xr8y2av-glibc-locales-2.30/lib/locale/locale-archive" | |
Environment="PATH=/nix/store/ca9mkrf8sa8md8pv61jslhcnfk9mmg4p-coreutils-8.31/bin:/nix/store/hg3albf7g05ljfqrfjhd58rblimrp6ph-findutils-4.7.0/bin:/nix/store/8pajzfyqx1v7dz1znrnrc4pqj5rmnx24-gnugrep-3.4/bin:/nix/store/jpqlmf3wqg281j8fdz50kjl525pfsxjc-gnused-4.8/bin:/nix/store/zbxfs37qjj6ddrfnzrdnxnkrvvm1ddsf-systemd-245.3/bin:/nix/store/ca9mkrf8sa8md8pv61jslhcnfk9mmg4p-coreutils-8.31/sbin:/nix/store/hg3albf7g05ljfqrfjhd58rblimrp6ph-findutils-4.7.0/sbin:/nix/store/8pajzfyqx1v7dz1znrnrc4pqj5rmnx24-gnugrep-3.4/sbin:/nix/store/jpqlmf3wqg281j8fdz50kjl525pfsxjc-gnused-4.8/sbin:/nix/store/zbxfs37qjj6ddrfnzrdnxnkrvvm1ddsf-systemd-245.3/sbin" | |
Environment="TZDIR=/nix/store/wmry9mqmimq8ib8ijli4g1yx92gxjli5-tzdata-2019c/share/zoneinfo" | |
AmbientCapabilities=CAP_NET_BIND_SERVICE | |
BindReadOnlyPaths=/nix/store | |
BindReadOnlyPaths=-/etc/ld-nix.so.preload | |
BindReadOnlyPaths=-/etc/resolv.conf | |
BindReadOnlyPaths=-/etc/nsswitch.conf | |
BindReadOnlyPaths=-/etc/hosts | |
BindReadOnlyPaths=-/etc/localtime | |
CapabilityBoundingSet=CAP_NET_BIND_SERVICE | |
DynamicUser=true | |
ExecStart=/nix/store/k6gb37kq9jxqwxlcfi9r5frf9z4ls246-acme-dns-0.8/bin/acme-dns -c /nix/store/8qbcv5f8zxwgi56wzlsyrnw6mybgvpnd-acme-dns.toml | |
LockPersonality=true | |
MemoryDenyWriteExecute=true | |
PrivateDevices=true | |
ProtectClock=yes | |
ProtectControlGroups=true | |
ProtectHome=true | |
ProtectHostname=true | |
ProtectKernelLogs=true | |
ProtectKernelModules=true | |
ProtectKernelTunables=true | |
Restart=always | |
RestartSec=10s | |
RestrictAddressFamilies=AF_INET | |
RestrictAddressFamilies=AF_INET6 | |
RestrictNamespaces=true | |
RestrictRealtime=true | |
StartLimitInterval=1min | |
StateDirectory=acme-dns | |
StateDirectoryMode=0700 | |
SystemCallArchitectures=native | |
SystemCallErrorNumber=EPERM | |
SystemCallFilter=@system-service | |
SystemCallFilter=~@privileged @resources @setuid @keyring | |
TemporaryFileSystem=/:ro | |
UMask=077 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Type=simple | |
Restart=always | |
NotifyAccess=none | |
RestartUSec=10s | |
TimeoutStartUSec=1min 30s | |
TimeoutStopUSec=1min 30s | |
TimeoutAbortUSec=1min 30s | |
RuntimeMaxUSec=infinity | |
WatchdogUSec=0 | |
WatchdogTimestampMonotonic=0 | |
RootDirectoryStartOnly=no | |
RemainAfterExit=no | |
GuessMainPID=yes | |
MainPID=19675 | |
ControlPID=0 | |
FileDescriptorStoreMax=0 | |
NFileDescriptorStore=0 | |
StatusErrno=0 | |
Result=success | |
ReloadResult=success | |
CleanResult=success | |
UID=62446 | |
GID=62446 | |
NRestarts=0 | |
OOMPolicy=stop | |
ExecMainStartTimestamp=Fri 2020-05-08 18:01:37 UTC | |
ExecMainStartTimestampMonotonic=1822810661 | |
ExecMainExitTimestampMonotonic=0 | |
ExecMainPID=19675 | |
ExecMainCode=0 | |
ExecMainStatus=0 | |
ExecStart={ path=/nix/store/k6gb37kq9jxqwxlcfi9r5frf9z4ls246-acme-dns-0.8/bin/acme-dns ; argv[]=/nix/store/k6gb37kq9jxqwxlcfi9r5frf9z4ls246-acme-dns-0.8/bin/acme-dns -c /nix/store/8qbcv5f8zxwgi56wzlsyrnw6mybgvpnd-acme-dns.toml ; ignore_errors=no ; start_time=[Fri 2020-05-08 18:01:37 UTC] ; stop_time=[n/a] ; pid=19675 ; code=(null) ; status=0/0 } | |
ExecStartEx={ path=/nix/store/k6gb37kq9jxqwxlcfi9r5frf9z4ls246-acme-dns-0.8/bin/acme-dns ; argv[]=/nix/store/k6gb37kq9jxqwxlcfi9r5frf9z4ls246-acme-dns-0.8/bin/acme-dns -c /nix/store/8qbcv5f8zxwgi56wzlsyrnw6mybgvpnd-acme-dns.toml ; flags= ; start_time=[Fri 2020-05-08 18:01:37 UTC] ; stop_time=[n/a] ; pid=19675 ; code=(null) ; status=0/0 } | |
Slice=system.slice | |
ControlGroup=/system.slice/acme-dns.service | |
MemoryCurrent=2801664 | |
CPUUsageNSec=278710103 | |
EffectiveCPUs= | |
EffectiveMemoryNodes= | |
TasksCurrent=6 | |
IPIngressBytes=65 | |
IPIngressPackets=1 | |
IPEgressBytes=64 | |
IPEgressPackets=1 | |
IOReadBytes=18446744073709551615 | |
IOReadOperations=18446744073709551615 | |
IOWriteBytes=18446744073709551615 | |
IOWriteOperations=18446744073709551615 | |
Delegate=no | |
CPUAccounting=yes | |
CPUWeight=[not set] | |
StartupCPUWeight=[not set] | |
CPUShares=[not set] | |
StartupCPUShares=[not set] | |
CPUQuotaPerSecUSec=infinity | |
CPUQuotaPeriodUSec=infinity | |
AllowedCPUs= | |
AllowedMemoryNodes= | |
IOAccounting=yes | |
IOWeight=[not set] | |
StartupIOWeight=[not set] | |
BlockIOAccounting=yes | |
BlockIOWeight=[not set] | |
StartupBlockIOWeight=[not set] | |
MemoryAccounting=yes | |
DefaultMemoryLow=0 | |
DefaultMemoryMin=0 | |
MemoryMin=0 | |
MemoryLow=0 | |
MemoryHigh=infinity | |
MemoryMax=infinity | |
MemorySwapMax=infinity | |
MemoryLimit=infinity | |
DevicePolicy=closed | |
DeviceAllow=char-rtc r | |
TasksAccounting=yes | |
TasksMax=4915 | |
IPAccounting=yes | |
Environment=LOCALE_ARCHIVE=/nix/store/9b725cly2a6a61vb8bgz7cyr0xr8y2av-glibc-locales-2.30/lib/locale/locale-archive PATH=/nix/store/ca9mkrf8sa8md8pv61jslhcnfk9mmg4p-coreutils-8.31/bin:/nix/store/hg3albf7g05ljfqrfjhd58rblimrp6ph-findutils-4.7.0/bin:/nix/store/8pajzfyqx1v7dz1znrnrc4pqj5rmnx24-gnugrep-3.4/bin:/nix/store/jpqlmf3wqg281j8fdz50kjl525pfsxjc-gnused-4.8/bin:/nix/store/zbxfs37qjj6ddrfnzrdnxnkrvvm1ddsf-systemd-245.3/bin:/nix/store/ca9mkrf8sa8md8pv61jslhcnfk9mmg4p-coreutils-8.31/sbin:/nix/store/hg3albf7g05ljfqrfjhd58rblimrp6ph-findutils-4.7.0/sbin:/nix/store/8pajzfyqx1v7dz1znrnrc4pqj5rmnx24-gnugrep-3.4/sbin:/nix/store/jpqlmf3wqg281j8fdz50kjl525pfsxjc-gnused-4.8/sbin:/nix/store/zbxfs37qjj6ddrfnzrdnxnkrvvm1ddsf-systemd-245.3/sbin TZDIR=/nix/store/wmry9mqmimq8ib8ijli4g1yx92gxjli5-tzdata-2019c/share/zoneinfo | |
UMask=0077 | |
LimitCPU=infinity | |
LimitCPUSoft=infinity | |
LimitFSIZE=infinity | |
LimitFSIZESoft=infinity | |
LimitDATA=infinity | |
LimitDATASoft=infinity | |
LimitSTACK=infinity | |
LimitSTACKSoft=8388608 | |
LimitCORE=infinity | |
LimitCORESoft=infinity | |
LimitRSS=infinity | |
LimitRSSSoft=infinity | |
LimitNOFILE=524288 | |
LimitNOFILESoft=1024 | |
LimitAS=infinity | |
LimitASSoft=infinity | |
LimitNPROC=128122 | |
LimitNPROCSoft=128122 | |
LimitMEMLOCK=65536 | |
LimitMEMLOCKSoft=65536 | |
LimitLOCKS=infinity | |
LimitLOCKSSoft=infinity | |
LimitSIGPENDING=128122 | |
LimitSIGPENDINGSoft=128122 | |
LimitMSGQUEUE=819200 | |
LimitMSGQUEUESoft=819200 | |
LimitNICE=0 | |
LimitNICESoft=0 | |
LimitRTPRIO=0 | |
LimitRTPRIOSoft=0 | |
LimitRTTIME=infinity | |
LimitRTTIMESoft=infinity | |
OOMScoreAdjust=0 | |
Nice=0 | |
IOSchedulingClass=0 | |
IOSchedulingPriority=0 | |
CPUSchedulingPolicy=0 | |
CPUSchedulingPriority=0 | |
CPUAffinity= | |
CPUAffinityFromNUMA=no | |
NUMAPolicy=n/a | |
NUMAMask= | |
TimerSlackNSec=50000 | |
CPUSchedulingResetOnFork=no | |
NonBlocking=no | |
StandardInput=null | |
StandardInputData= | |
StandardOutput=journal | |
StandardError=inherit | |
TTYReset=no | |
TTYVHangup=no | |
TTYVTDisallocate=no | |
SyslogPriority=30 | |
SyslogLevelPrefix=yes | |
SyslogLevel=6 | |
SyslogFacility=3 | |
LogLevelMax=-1 | |
LogRateLimitIntervalUSec=0 | |
LogRateLimitBurst=0 | |
SecureBits=0 | |
CapabilityBoundingSet=cap_net_bind_service | |
AmbientCapabilities=cap_net_bind_service | |
User=acme-dns | |
Group=acme-dns | |
DynamicUser=yes | |
RemoveIPC=yes | |
MountFlags= | |
PrivateTmp=yes | |
PrivateDevices=yes | |
ProtectKernelTunables=yes | |
ProtectKernelModules=yes | |
ProtectKernelLogs=yes | |
ProtectControlGroups=yes | |
PrivateNetwork=no | |
PrivateUsers=no | |
PrivateMounts=no | |
ProtectHome=yes | |
ProtectSystem=strict | |
SameProcessGroup=no | |
UtmpMode=init | |
IgnoreSIGPIPE=yes | |
NoNewPrivileges=yes | |
SystemCallFilter=_llseek _newselect accept accept4 access alarm arch_prctl bind brk capget chdir chmod clock_getres clock_getres_time64 clock_gettime clock_gettime64 clock_nanosleep clock_nanosleep_time64 clone clone3 close connect copy_file_range creat dup dup2 dup3 epoll_create epoll_create1 epoll_ctl epoll_ctl_old epoll_pwait epoll_wait epoll_wait_old eventfd eventfd2 execve execveat exit exit_group faccessat fadvise64 fadvise64_64 fallocate fchdir fchmod fchmodat fcntl fcntl64 fdatasync fgetxattr flistxattr flock fork fremovexattr fsetxattr fstat fstat64 fstatat64 fstatfs fstatfs64 fsync ftruncate ftruncate64 futex futex_time64 futimesat get_mempolicy get_robust_list get_thread_area getcpu getcwd getdents getdents64 getegid getegid32 geteuid geteuid32 getgid getgid32 getgroups getgroups32 getitimer getpeername getpgid getpgrp getpid getppid getpriority getrandom getresgid getresgid32 getresuid getresuid32 getrlimit getrusage getsid getsockname getsockopt gettid gettimeofday getuid getuid32 getxattr inotify_add_watch inotify_init inotify_init1 inotify_rm_watch io_cancel io_destroy io_getevents io_pgetevents io_pgetevents_time64 io_setup io_submit io_uring_enter io_uring_register io_uring_setup ioctl ioprio_get ipc kcmp kill lgetxattr link linkat listen listxattr llistxattr lremovexattr lseek lsetxattr lstat lstat64 madvise membarrier memfd_create mkdir mkdirat mknod mknodat mlock mlock2 mlockall mmap mmap2 mprotect mq_getsetattr mq_notify mq_open mq_timedreceive mq_timedreceive_time64 mq_timedsend mq_timedsend_time64 mq_unlink mremap msgctl msgget msgrcv msgsnd msync munlock munlockall munmap name_to_handle_at nanosleep newfstatat oldfstat oldlstat oldolduname oldstat olduname open openat pause personality pidfd_open pidfd_send_signal pipe pipe2 poll ppoll ppoll_time64 prctl pread64 preadv preadv2 prlimit64 process_vm_readv process_vm_writev pselect6 pselect6_time64 pwrite64 pwritev pwritev2 read readahead readdir readlink readlinkat readv recv recvfrom recvmmsg recvmmsg_time64 recvmsg remap_file_pages removexattr rename renameat renameat2 restart_syscall rmdir rseq rt_sigaction rt_sigpending rt_sigprocmask rt_sigqueueinfo rt_sigreturn rt_sigsuspend rt_sigtimedwait rt_sigtimedwait_time64 rt_tgsigqueueinfo sched_get_priority_max sched_get_priority_min sched_getaffinity sched_getattr sched_getparam sched_getscheduler sched_rr_get_interval sched_rr_get_interval_time64 sched_yield select semctl semget semop semtimedop semtimedop_time64 send sendfile sendfile64 sendmmsg sendmsg sendto set_robust_list set_thread_area set_tid_address set_tls setfsgid setfsgid32 setitimer setns setpgid setsid setsockopt setxattr shmat shmctl shmdt shmget shutdown sigaction sigaltstack signal signalfd signalfd4 sigpending sigprocmask sigreturn sigsuspend socket socketcall socketpair splice stat stat64 statfs statfs64 statx swapcontext symlink symlinkat sync sync_file_range sync_file_range2 syncfs sysinfo tee tgkill time timer_create timer_delete timer_getoverrun timer_gettime timer_gettime64 timer_settime timer_settime64 timerfd_create timerfd_gettime timerfd_gettime64 timerfd_settime timerfd_settime64 times tkill truncate truncate64 ugetrlimit umask uname unlink unlinkat unshare userfaultfd utime utimensat utimensat_time64 utimes vfork vmsplice wait4 waitid waitpid write writev | |
SystemCallArchitectures=native | |
SystemCallErrorNumber=1 | |
LockPersonality=yes | |
RestrictAddressFamilies=AF_INET AF_INET6 | |
RuntimeDirectoryPreserve=no | |
RuntimeDirectoryMode=0755 | |
StateDirectoryMode=0700 | |
StateDirectory=acme-dns | |
CacheDirectoryMode=0755 | |
LogsDirectoryMode=0755 | |
ConfigurationDirectoryMode=0755 | |
TimeoutCleanUSec=infinity | |
MemoryDenyWriteExecute=yes | |
RestrictRealtime=yes | |
RestrictSUIDSGID=yes | |
RestrictNamespaces=yes | |
BindReadOnlyPaths=/nix/store:/nix/store:rbind -/etc/ld-nix.so.preload:/etc/ld-nix.so.preload:rbind -/etc/resolv.conf:/etc/resolv.conf:rbind -/etc/nsswitch.conf:/etc/nsswitch.conf:rbind -/etc/hosts:/etc/hosts:rbind -/etc/localtime:/etc/localtime:rbind | |
TemporaryFileSystem=/:ro | |
MountAPIVFS=no | |
KeyringMode=private | |
ProtectHostname=yes | |
KillMode=control-group | |
KillSignal=15 | |
RestartKillSignal=15 | |
FinalKillSignal=9 | |
SendSIGKILL=yes | |
SendSIGHUP=no | |
WatchdogSignal=6 | |
Id=acme-dns.service | |
Names=acme-dns.service | |
Requires=-.mount system.slice tmp.mount sysinit.target | |
WantedBy=multi-user.target | |
Conflicts=shutdown.target | |
Before=multi-user.target shutdown.target | |
After=basic.target network-online.target tmp.mount sysinit.target -.mount systemd-tmpfiles-setup.service systemd-journald.socket system.slice | |
RequiresMountsFor=/var/tmp /tmp /var/lib/acme-dns | |
Description=acme-dns server | |
LoadState=loaded | |
ActiveState=active | |
SubState=running | |
FragmentPath=/nix/store/p1nv22819nyg9vyd0dpkk3fdvjax7r02-unit-acme-dns.service/acme-dns.service | |
UnitFileState=enabled | |
UnitFilePreset=enabled | |
StateChangeTimestamp=Fri 2020-05-08 18:01:37 UTC | |
StateChangeTimestampMonotonic=1822810941 | |
InactiveExitTimestamp=Fri 2020-05-08 18:01:37 UTC | |
InactiveExitTimestampMonotonic=1822810941 | |
ActiveEnterTimestamp=Fri 2020-05-08 18:01:37 UTC | |
ActiveEnterTimestampMonotonic=1822810941 | |
ActiveExitTimestamp=Fri 2020-05-08 18:01:36 UTC | |
ActiveExitTimestampMonotonic=1822003907 | |
InactiveEnterTimestamp=Fri 2020-05-08 18:01:36 UTC | |
InactiveEnterTimestampMonotonic=1822005438 | |
CanStart=yes | |
CanStop=yes | |
CanReload=no | |
CanIsolate=no | |
CanClean=state | |
StopWhenUnneeded=no | |
RefuseManualStart=no | |
RefuseManualStop=no | |
AllowIsolate=no | |
DefaultDependencies=yes | |
OnFailureJobMode=replace | |
IgnoreOnIsolate=no | |
NeedDaemonReload=no | |
JobTimeoutUSec=infinity | |
JobRunningTimeoutUSec=infinity | |
JobTimeoutAction=none | |
ConditionResult=yes | |
AssertResult=yes | |
ConditionTimestamp=Fri 2020-05-08 18:01:37 UTC | |
ConditionTimestampMonotonic=1822807806 | |
AssertTimestamp=Fri 2020-05-08 18:01:37 UTC | |
AssertTimestampMonotonic=1822807806 | |
Transient=no | |
Perpetual=no | |
StartLimitIntervalUSec=1min | |
StartLimitBurst=5 | |
StartLimitAction=none | |
FailureAction=none | |
SuccessAction=none | |
InvocationID=1e0749712d7a49fc9ede68eb478f4149 | |
CollectMode=inactive |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment