24 lines
651 B
Plaintext
24 lines
651 B
Plaintext
[Service]
|
|
LimitNOFILE=100000
|
|
TimeoutStartSec=600
|
|
ExecStop=
|
|
ExecStop=-/sbin/start-stop-daemon --quiet --stop --pidfile /run/nginx.pid
|
|
ExecStartPre=
|
|
ExecStartPre=/usr/bin/install -Z -m 02755 -o www-data -g www-data -d /var/run/nginx
|
|
ExecStartPre=/usr/sbin/nginx -t -q -g 'daemon on; master_process on;'
|
|
ProtectSystem=strict
|
|
PrivateTmp=true
|
|
NoNewPrivileges=true
|
|
PrivateDevices=true
|
|
ProtectKernelTunables=true
|
|
ProtectKernelModules=true
|
|
ProtectControlGroups=true
|
|
LockPersonality=true
|
|
SystemCallArchitectures=native
|
|
BindPaths=/var/log/nginx/
|
|
BindPaths=/var/lib/nginx/
|
|
BindPaths=/var/run/
|
|
BindPaths=/var/www/var/run/
|
|
BindPaths=/run/
|
|
InaccessiblePaths=/root/
|