syncthing/etc/linux-systemd/system/syncthing@.service
André Colomb 3e99ddfbf0
etc/linux-systemd: Mention AmbientCapabilities for syncOwnership. (#8536)
Add a commented entry to the systemd service file templates to point
the user in the right direction when using syncOwnership and starting
via systemd.  Which is more upgrade-friendly than setting caps on the
executable directly, as mentioned in the docs.
2022-09-13 10:00:47 +02:00

29 lines
688 B
Desktop File

[Unit]
Description=Syncthing - Open Source Continuous File Synchronization for %I
Documentation=man:syncthing(1)
After=network.target
StartLimitIntervalSec=60
StartLimitBurst=4
[Service]
User=%i
ExecStart=/usr/bin/syncthing serve --no-browser --no-restart --logflags=0
Restart=on-failure
RestartSec=1
SuccessExitStatus=3 4
RestartForceExitStatus=3 4
# Hardening
ProtectSystem=full
PrivateTmp=true
SystemCallArchitectures=native
MemoryDenyWriteExecute=true
NoNewPrivileges=true
# Elevated permissions to sync ownership (disabled by default),
# see https://docs.syncthing.net/advanced/folder-sync-ownership
#AmbientCapabilities=CAP_CHOWN CAP_FOWNER
[Install]
WantedBy=multi-user.target