Add variable to enable adding CAP_NET_BIND_SERVICE to systemd service

This commit is contained in:
Leo Maroni 2020-05-20 14:13:11 +02:00 committed by Thomas Maurice
parent efc0363f4b
commit 2b665bdb1d
3 changed files with 4 additions and 0 deletions

View file

@ -57,6 +57,7 @@ The following code has been tested with Debian 8, it should work on Ubuntu as we
* `gitea_user`: UNIX user used by Gitea * `gitea_user`: UNIX user used by Gitea
* `gitea_home`: Base directory to work * `gitea_home`: Base directory to work
* `gitea_dl_url`: The URL, the compiled gitea-binary will be downloaded from * `gitea_dl_url`: The URL, the compiled gitea-binary will be downloaded from
* `gitea_systemd_cap_net_bind_service`: Adds `AmbientCapabilities=CAP_NET_BIND_SERVICE` to systemd service file
### Look and feel ### Look and feel

View file

@ -7,6 +7,7 @@ gitea_app_name: "Gitea"
gitea_user: "gitea" gitea_user: "gitea"
gitea_home: "/var/lib/gitea" gitea_home: "/var/lib/gitea"
gitea_shell: "/bin/false" gitea_shell: "/bin/false"
gitea_systemd_cap_net_bind_service: false
gitea_repository_root: "{{ gitea_home }}" gitea_repository_root: "{{ gitea_home }}"
gitea_user_repo_limit: -1 gitea_user_repo_limit: -1

View file

@ -7,7 +7,9 @@ User={{ gitea_user }}
ExecStart=/usr/local/bin/gitea web -c /etc/gitea/gitea.ini ExecStart=/usr/local/bin/gitea web -c /etc/gitea/gitea.ini
Restart=on-failure Restart=on-failure
WorkingDirectory={{ gitea_home }} WorkingDirectory={{ gitea_home }}
{% if gitea_systemd_cap_net_bind_service %}
AmbientCapabilities=CAP_NET_BIND_SERVICE AmbientCapabilities=CAP_NET_BIND_SERVICE
{% endif %}
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target