26 lines
620 B
Desktop File
26 lines
620 B
Desktop File
[Unit]
|
|
Description=AdGuard Home: Network-level blocker
|
|
After=syslog.target network-online.target
|
|
|
|
[Service]
|
|
DynamicUser=true
|
|
StateDirectory=adguardhome
|
|
WorkingDirectory=/var/lib/adguardhome
|
|
AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_RAW
|
|
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_NET_RAW
|
|
ExecStart=/usr/bin/adguardhome -w /var/lib/adguardhome -l syslog
|
|
|
|
PrivateTmp=true
|
|
ProtectSystem=strict
|
|
ProtectHome=true
|
|
PrivateDevices=true
|
|
ProtectKernelTunables=true
|
|
ProtectControlGroups=true
|
|
NoNewPrivileges=true
|
|
MemoryDenyWriteExecute=true
|
|
LockPersonality=true
|
|
ProtectHostname=true
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|