Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:stroeder:sys
gitea
gitea.service
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gitea.service of Package gitea
[Unit] Description=Gitea (Git with a cup of tea) After=syslog.target network.target mysqld.service postgresql.service memcached.service redis.service [Service] # Modify these two values and uncomment them if you have # repos with lots of files and get an HTTP error 500 because # of that ### #LimitMEMLOCK=infinity #LimitNOFILE=65535 RestartSec=2s Type=simple User=gitea Group=gitea WorkingDirectory=/var/lib/gitea Environment=USER=gitea Environment=HOME=/usr/share/gitea Environment=GITEA_WORK_DIR=/var/lib/gitea Environment=GITEA_CUSTOM=/etc/gitea #ExecStartPre=touch /var/log/gitea/access.log ExecStart=/usr/bin/gitea web --config /etc/gitea/conf/app.ini # where Gitea writes files ReadWritePaths=/etc/gitea/conf ReadWritePaths=/usr/share/gitea ReadWritePaths=/var/lib/gitea/data ReadWritePaths=/var/lib/gitea/indexers ReadWritePaths=/var/lib/gitea/queues ReadWritePaths=/var/lib/gitea/repositories ReadWritePaths=/var/log/gitea # If you want to bind Gitea to a port below 1024 then # add CAP_NET_BIND_SERVICE to the following two lines # see also: capabilities(7) ### CapabilityBoundingSet= AmbientCapabilities= # Various other hardening options PrivateTmp=yes PrivateDevices=yes DevicePolicy=closed ProtectSystem=strict ProtectHome=yes ProtectKernelModules=yes ProtectKernelTunables=yes ProtectKernelLogs=yes ProtectControlGroups=yes ProtectHostname=yes ProtectClock=yes NoNewPrivileges=yes MountFlags=private LockPersonality=yes RestrictRealtime=yes RestrictNamespaces=yes RestrictSUIDSGID=yes KeyringMode=private MemoryDenyWriteExecute=yes RemoveIPC=yes SystemCallArchitectures=native SystemCallFilter=@basic-io @network-io @file-system @sync @timer @ipc @io-event @signal @process sysinfo ioctl flock waitid wait4 setpgid uname epoll_ctl madvise @resources RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX UMask=0077 [Install] WantedBy=multi-user.target
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor