fix #18 use node binary and don't list files and dirs that don't exist
This commit is contained in:
parent
388733568d
commit
ea3506c352
|
@ -23,7 +23,7 @@ User=www-data
|
|||
Group=www-data
|
||||
|
||||
# If we need to pass environment variables in the future
|
||||
; Environment=GOLDILOCKS_PATH=/opt/goldilocks
|
||||
Environment=GOLDILOCKS_PATH=/srv/www
|
||||
|
||||
# Set a sane working directory, sane flags, and specify how to reload the config file
|
||||
WorkingDirectory=/srv/www
|
||||
|
@ -46,11 +46,12 @@ ProtectSystem=full
|
|||
# … except TLS/SSL, ACME, and Let's Encrypt certificates
|
||||
# and /var/log/goldilocks, because we want a place where logs can go.
|
||||
# This merely retains r/w access rights, it does not add any new. Must still be writable on the host!
|
||||
ReadWriteDirectories=/etc/goldilocks /etc/acme /etc/letsencrypt /etc/ssl /var/log/goldilocks /opt/goldilocks /srv/www
|
||||
ReadWriteDirectories=/etc/goldilocks /etc/ssl /srv/www /var/log/goldilocks
|
||||
# you may also want to add other directories such as /opt/goldilocks /etc/acme /etc/letsencrypt
|
||||
|
||||
# Note: in v231 and above ReadWritePaths has been renamed to ReadWriteDirectories
|
||||
; ReadWritePaths=/etc/goldilocks /var/log/goldilocks
|
||||
;
|
||||
|
||||
# The following additional security directives only work with systemd v229 or later.
|
||||
# They further retrict privileges that can be gained.
|
||||
# Note that you may have to add capabilities required by any plugins in use.
|
||||
|
@ -65,4 +66,4 @@ NoNewPrivileges=true
|
|||
; NoNewPrivileges=true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
WantedBy=multi-user.target
|
Loading…
Reference in New Issue