]> nmode's Git Repositories - signal-cli/blob - data/signal-cli-socket.service
git.nmode.ca / signal-cli / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update graalvm reflect-config
[signal-cli] / data / signal-cli-socket.service
1 [Unit]
2 Description=Send secure messages to Signal clients
3 Wants=network-online.target
4 After=network-online.target
5 Requires=signal-cli-socket.socket
6
7 [Service]
8 CapabilityBoundingSet=
9 Environment="SIGNAL_CLI_OPTS=-Xms2m"
10 # Update 'ReadWritePaths' if you change the config path here
11 ExecStart=%dir%/bin/signal-cli --config /var/lib/signal-cli daemon
12 LockPersonality=true
13 NoNewPrivileges=true
14 PrivateDevices=true
15 PrivateIPC=true
16 PrivateTmp=true
17 PrivateUsers=true
18 ProcSubset=pid
19 ProtectClock=true
20 ProtectControlGroups=true
21 ProtectHome=true
22 ProtectHostname=true
23 ProtectKernelLogs=true
24 ProtectKernelModules=true
25 ProtectKernelTunables=true
26 ProtectProc=invisible
27 ProtectSystem=strict
28 # Profile pictures and attachments to upload must be located here for the service to access them
29 ReadWritePaths=/var/lib/signal-cli
30 RemoveIPC=true
31 RestrictAddressFamilies=AF_INET AF_INET6
32 RestrictNamespaces=true
33 RestrictRealtime=true
34 RestrictSUIDSGID=true
35 StandardInput=socket
36 StandardOutput=journal
37 StandardError=journal
38 SystemCallArchitectures=native
39 SystemCallFilter=~@debug @mount @obsolete @privileged @resources
40 UMask=0077
41 # Create the user and home directory with 'useradd -r -U -s /usr/sbin/nologin -m -b /var/lib signal-cli'
42 User=signal-cli
43
44 [Install]
45 Also=signal-cli-socket.socket
46 WantedBy=default.target
[GitHub/AsamK] signal-cli provides an unofficial commandline, JSON-RPC and dbus interface for the Signal messenger.

Codeberg
GitHub
GitLab
SourceHut