Created
June 7, 2022 20:26
-
-
Save lbehm/79075e023700fbf0f51604fab8f6c684 to your computer and use it in GitHub Desktop.
postgrest systemd scripts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Unit] | |
| Description=REST API for any Postgres database | |
| After=postgresql.target network.target | |
| Documentation=https://postgrest.org/en/stable/ | |
| [Service] | |
| Type=exec | |
| ExecStart=/usr/bin/postgrest /etc/postgrest/%i.conf | |
| ExecStop=/bin/kill -s HUP $MAINPID | |
| ExecReload=/bin/kill -s SIGUSR2 $MAINPID | |
| TimeoutStopSec=0 | |
| Restart=always | |
| UMask=007 | |
| PrivateTmp=yes | |
| LimitNOFILE=65535 | |
| PrivateDevices=yes | |
| ProtectHome=yes | |
| ReadOnlyDirectories=/ | |
| NoNewPrivileges=true | |
| CapabilityBoundingSet= | |
| MemoryDenyWriteExecute=true | |
| ProtectKernelModules=true | |
| ProtectKernelTunables=true | |
| ProtectControlGroups=true | |
| RestrictRealtime=true | |
| RestrictNamespaces=true | |
| RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX | |
| ProtectSystem=full | |
| DynamicUser=yes | |
| ConfigurationDirectory=postgrest | |
| [Install] | |
| WantedBy=multi-user.target |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment