summaryrefslogtreecommitdiffstats
path: root/roles/munin-master/files/etc/systemd/system/munin-cgi-graph.service
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2017-05-31 17:39:57 +0200
committerGuilhem Moulin <guilhem@fripost.org>2017-05-31 17:39:57 +0200
commite136d3edbdb6749d4559939dc9fcbc11d166e34c (patch)
tree36e051f5675b003c38bac4fc6eec738698125437 /roles/munin-master/files/etc/systemd/system/munin-cgi-graph.service
parent789f4f2e1b01873b200b973584d1501ba32e3bfd (diff)
/lib/systemd/system → /etc/systemd/system
Diffstat (limited to 'roles/munin-master/files/etc/systemd/system/munin-cgi-graph.service')
-rw-r--r--roles/munin-master/files/etc/systemd/system/munin-cgi-graph.service23
1 files changed, 23 insertions, 0 deletions
diff --git a/roles/munin-master/files/etc/systemd/system/munin-cgi-graph.service b/roles/munin-master/files/etc/systemd/system/munin-cgi-graph.service
new file mode 100644
index 0000000..60ab444
--- /dev/null
+++ b/roles/munin-master/files/etc/systemd/system/munin-cgi-graph.service
@@ -0,0 +1,23 @@
+[Unit]
+Description=Munin CGI Graph Service
+After=network.target
+PartOf=munin.service
+Requires=munin-cgi-graph.socket
+
+[Service]
+StandardInput=socket
+User=www-data
+Group=munin
+ExecStart=/usr/lib/munin/cgi/munin-cgi-graph
+
+# Hardening
+NoNewPrivileges=yes
+PrivateDevices=yes
+ProtectHome=yes
+ProtectSystem=full
+ReadOnlyDirectories=/
+ReadWriteDirectories=-/var/log/munin
+ReadWriteDirectories=-/var/lib/munin/cgi-tmp/munin-cgi-graph
+
+[Install]
+WantedBy=multi-user.target