31 lines
783 B
SYSTEMD
31 lines
783 B
SYSTEMD
|
[Unit]
|
||
|
Description=Zulip Fediverse Authentication
|
||
|
Before=nginx.service
|
||
|
|
||
|
[Service]
|
||
|
# Zulip API key for user with create user rights
|
||
|
Environment=API_KEY=your-api-key
|
||
|
# JWT secret
|
||
|
Environment=SECRET=your-jwt-secret
|
||
|
Environment=PORT=8091
|
||
|
Environment=ZULIP=your-server.tld
|
||
|
Environment=DB=/var/lib/zulip-fedi/db/db.sqlite
|
||
|
Environment=PYTHONUNBUFFERED=1
|
||
|
|
||
|
#ExecStart=/var/lib/zulip-fedi/venv/bin/python3 auth.py
|
||
|
ExecStart=/var/lib/zulip-fedi/venv/bin/gunicorn --bind 127.0.0.1:8091 auth:app
|
||
|
WorkingDirectory=/var/lib/zulip-fedi/zulip-fediverse-auth
|
||
|
User=zulip-fedi
|
||
|
Group=zulip-fedi
|
||
|
|
||
|
PrivateDevices=true
|
||
|
PrivateTmp=true
|
||
|
ProtectSystem=strict
|
||
|
ProtectHome=true
|
||
|
NoNewPrivileges=true
|
||
|
CapabilityBoundingSet=~CAP_SYS_ADMIN
|
||
|
ReadWritePaths=/var/lib/zulip-fedi/db
|
||
|
|
||
|
[Install]
|
||
|
WantedBy=multi-user.target
|