mirror of
https://github.com/SagerNet/sing-box.git
synced 2024-11-25 10:01:30 +00:00
fbc475ce6b
- Add Systemd user unit files - Security improvements to system unit files - Update the refrence config.json according to the manual
30 lines
699 B
Desktop File
30 lines
699 B
Desktop File
[Unit]
|
|
Description=sing-box user service (%i)
|
|
Documentation=https://sing-box.sagernet.org
|
|
After=basic.target
|
|
|
|
[Service]
|
|
ConfigurationDirectory=sing-box
|
|
ExecReload=/bin/kill -HUP $MAINPID
|
|
ExecStart=/usr/bin/sing-box -D ${STATE_DIRECTORY} -c ${CONFIGURATION_DIRECTORY}/%i.json run
|
|
LimitNOFILE=infinity
|
|
LockPersonality=true
|
|
MemoryDenyWriteExecute=true
|
|
NoNewPrivileges=true
|
|
PrivateDevices=true
|
|
PrivateTmp=true
|
|
PrivateUsers=true
|
|
ProcSubset=pid
|
|
ProtectProc=noaccess
|
|
Restart=on-failure
|
|
RestartSec=10s
|
|
RestrictNamespaces=true
|
|
RestrictRealtime=true
|
|
StateDirectory=sing-box-%i
|
|
SystemCallArchitectures=native
|
|
SystemCallFilter=@system-service
|
|
|
|
[Install]
|
|
WantedBy=default.target
|
|
DefaultInstance=sing-box.service
|