Remove restrictive systemd security settings and expand ReadWritePaths for blockchain node service
Some checks failed
Systemd Sync / sync-systemd (push) Has been cancelled
Some checks failed
Systemd Sync / sync-systemd (push) Has been cancelled
- Remove StartLimitBurst and StartLimitIntervalSec from aitbc-blockchain-node systemd service - Change ReadWritePaths from /var/lib/aitbc/data/blockchain to /var/lib/aitbc/data to allow broader data directory access
This commit is contained in:
aitbc
@@ -22,8 +22,6 @@ TimeoutStopSec=10
|
|||||||
# Production reliability
|
# Production reliability
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=5
|
RestartSec=5
|
||||||
StartLimitBurst=5
|
|
||||||
StartLimitIntervalSec=60
|
|
||||||
|
|
||||||
# Production logging
|
# Production logging
|
||||||
StandardOutput=journal
|
StandardOutput=journal
|
||||||
@@ -34,7 +32,7 @@ SyslogIdentifier=aitbc-blockchain-production
|
|||||||
NoNewPrivileges=true
|
NoNewPrivileges=true
|
||||||
ProtectSystem=strict
|
ProtectSystem=strict
|
||||||
ProtectHome=true
|
ProtectHome=true
|
||||||
ReadWritePaths=/var/lib/aitbc/data/blockchain /var/log/aitbc/production/blockchain
|
ReadWritePaths=/var/lib/aitbc/data /var/log/aitbc/production/blockchain
|
||||||
|
|
||||||
# Production performance
|
# Production performance
|
||||||
LimitNOFILE=65536
|
LimitNOFILE=65536
|
||||||
|
|||||||
Reference in New Issue
Block a user