From fe7dfdd250b701177f051ad6cdc3dc68695cbfc4 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Mon, 24 Oct 2022 17:32:17 -0700 Subject: ref(tools/mpd-stats): delete the project It's been moved to its own repository at https://github.com/fcuny/mpd-stats Update the list of repositories managed by terraform. --- tools/mpd-stats/systemd/mpd-scrobbler.service | 42 --------------------------- 1 file changed, 42 deletions(-) delete mode 100644 tools/mpd-stats/systemd/mpd-scrobbler.service (limited to 'tools/mpd-stats/systemd/mpd-scrobbler.service') diff --git a/tools/mpd-stats/systemd/mpd-scrobbler.service b/tools/mpd-stats/systemd/mpd-scrobbler.service deleted file mode 100644 index e033a99..0000000 --- a/tools/mpd-stats/systemd/mpd-scrobbler.service +++ /dev/null @@ -1,42 +0,0 @@ -[Unit] -Description=mpd scrobbler -Documentation=https://git.fcuny.net/fcuny/mpd-stats -ConditionFileIsExecutable=%h/workspace/go/bin/mpd-scrobbler - -[Service] -ExecStart=%h/workspace/go/bin/mpd-scrobbler -Restart=on-failure - -PrivateTmp=yes -ProtectSystem=strict -NoNewPrivileges=yes -ProtectHome=yes - -# Prohibit access to any kind of namespacing: -RestrictNamespaces=yes - -# Make cgroup file system hierarchy inaccessible: -ProtectControlGroups=yes - -# Deny access to other user’s information in /proc: -ProtectProc=invisible - -# Only allow access to /proc pid files, no other files: -ProcSubset=pid - -# This daemon must not create any new files, but set the umask to 077 just in case. -UMask=077 - -# Filter dangerous system calls. The following is listed as safe basic choice -# in systemd.exec(5): -SystemCallArchitectures=native -SystemCallFilter=@system-service -SystemCallFilter=~@privileged -SystemCallFilter=~@resources -SystemCallErrorNumber=EPERM - -# Deny kernel execution domain changing: -LockPersonality=yes - -# Deny memory mappings that are writable and executable: -MemoryDenyWriteExecute=yes -- cgit 1.4.1