mirror of
https://github.com/dashpay/dash.git
synced 2024-12-26 04:22:55 +01:00
bf702f7c78
9d026546778629472574b26fa73338efc63d02da doc: Fix systemd spelling and link to doc/init.md (Hennadii Stepanov) 601778c3107adbd8d96eb0bb5c16a9d0a4b81594 script: Add Documentation key to bitcoind.service (Hennadii Stepanov) d9392b724cae53b7a16fa5f84ebe152eea496502 script: Improve robustness of bitcoind.service on startup (Hennadii Stepanov) Pull request description: If network interfaces are not properly up the following happens: ``` ... 2021-01-08T10:17:11Z scheduler thread start 2021-01-08T10:17:11Z libevent: getaddrinfo: address family for nodename not supported 2021-01-08T10:17:11Z Binding RPC on address 127.0.0.1 port 8332 failed. 2021-01-08T10:17:11Z HTTP: creating work queue of depth 16 2021-01-08T10:17:11Z Using random cookie authentication. 2021-01-08T10:17:11Z Generated RPC authentication cookie /var/lib/bitcoind/.cookie 2021-01-08T10:17:11Z HTTP: starting 2 worker threads 2021-01-08T10:17:11Z init message: Loading banlist... 2021-01-08T10:17:11Z SetNetworkActive: true 2021-01-08T10:17:11Z Error: Cannot resolve -externalip address: <EDITED> 2021-01-08T10:17:11Z Shutdown: In progress... 2021-01-08T10:17:11Z scheduler thread exit 2021-01-08T10:17:11Z Shutdown: done ``` This PR improves robustness on startup in such cases in documented way: https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/ Also minor doc improvements are added. ACKs for top commit: Sjors: ACK 9d02654 practicalswift: ACK 9d026546778629472574b26fa73338efc63d02da: patch looks correct darosior: ACK 9d026546778629472574b26fa73338efc63d02da -- been using the first patch too Tree-SHA512: 38294f5682c09e6ea9008de7d7459098c920cf1b98ad8ef8a5d2ca01f2f781c0fec5591dc40ef36eeb19d94991b0c7fb7cb38c4e716bc7219875c9bcd0a55e1b
82 lines
2.1 KiB
Desktop File
82 lines
2.1 KiB
Desktop File
# It is not recommended to modify this file in-place, because it will
|
|
# be overwritten during package upgrades. If you want to add further
|
|
# options or overwrite existing ones then use
|
|
# $ systemctl edit dashd.service
|
|
# See "man systemd.service" for details.
|
|
|
|
# Note that almost all daemon options could be specified in
|
|
# /etc/dash/dash.conf, but keep in mind those explicitly
|
|
# specified as arguments in ExecStart= will override those in the
|
|
# config file.
|
|
|
|
[Unit]
|
|
Description=Dash daemon
|
|
Documentation=https://github.com/dashpay/dash/blob/master/doc/init.md
|
|
|
|
# https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
|
|
After=network-online.target
|
|
Wants=network-online.target
|
|
|
|
[Service]
|
|
ExecStart=/usr/bin/dashd -daemon \
|
|
-pid=/run/dashd/dashd.pid \
|
|
-conf=/etc/dash/dash.conf \
|
|
-datadir=/var/lib/dashd
|
|
|
|
# Make sure the config directory is readable by the service user
|
|
PermissionsStartOnly=true
|
|
ExecStartPre=/bin/chgrp dashcore /etc/dash
|
|
|
|
# Process management
|
|
####################
|
|
|
|
Type=forking
|
|
PIDFile=/run/dashd/dashd.pid
|
|
Restart=on-failure
|
|
TimeoutStopSec=600
|
|
|
|
# Directory creation and permissions
|
|
####################################
|
|
|
|
# Run as dash:dash
|
|
User=dashcore
|
|
Group=dashcore
|
|
|
|
# /run/dashd
|
|
RuntimeDirectory=dashd
|
|
RuntimeDirectoryMode=0710
|
|
|
|
# /etc/dash
|
|
ConfigurationDirectory=dash
|
|
ConfigurationDirectoryMode=0710
|
|
|
|
# /var/lib/dashd
|
|
StateDirectory=dashd
|
|
StateDirectoryMode=0710
|
|
|
|
# Hardening measures
|
|
####################
|
|
|
|
# Provide a private /tmp and /var/tmp.
|
|
PrivateTmp=true
|
|
|
|
# Mount /usr, /boot/ and /etc read-only for the process.
|
|
ProtectSystem=full
|
|
|
|
# Deny access to /home, /root and /run/user
|
|
ProtectHome=true
|
|
|
|
# Disallow the process and all of its children to gain
|
|
# new privileges through execve().
|
|
NoNewPrivileges=true
|
|
|
|
# Use a new /dev namespace only populated with API pseudo devices
|
|
# such as /dev/null, /dev/zero and /dev/random.
|
|
PrivateDevices=true
|
|
|
|
# Deny the creation of writable and executable memory mappings.
|
|
MemoryDenyWriteExecute=true
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|