18 lines
442 B
INI
18 lines
442 B
INI
[Unit]
|
|
Description=Fetch Nextcloud database client certificate
|
|
Wants=network-online.target
|
|
After=network-online.target
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
Environment=LOG_LEVEL=debug
|
|
ExecStart=/usr/local/libexec/nextcloud-fetch-cert.py
|
|
LoadCredential=nextcloud.fetchcert.token
|
|
CapabilityBoundingSet=CAP_DAC_OVERRIDE CAP_CHOWN
|
|
PrivateTmp=yes
|
|
ProtectHome=yes
|
|
ProtectKernelTunables=yes
|
|
ProtectProc=invisible
|
|
ProtectSystem=full
|
|
ReadWritePaths=/etc/nextcloud
|