From 34415f0767e91cda14172659464ccf60205647d0 Mon Sep 17 00:00:00 2001 From: Siina Mashek Date: Thu, 15 Dec 2022 12:25:45 +0200 Subject: [PATCH] Adding prune and scan boop services --- services/boop-prune.service | 23 +++++++++++++++++++++++ services/boop-prune.timer | 9 +++++++++ services/boop-vscan.service | 23 +++++++++++++++++++++++ services/boop-vscan.timer | 9 +++++++++ 4 files changed, 64 insertions(+) create mode 100644 services/boop-prune.service create mode 100644 services/boop-prune.timer create mode 100644 services/boop-vscan.service create mode 100644 services/boop-vscan.timer diff --git a/services/boop-prune.service b/services/boop-prune.service new file mode 100644 index 0000000..b820e9d --- /dev/null +++ b/services/boop-prune.service @@ -0,0 +1,23 @@ +[Unit] +Description=Prune 0x0 files +After=remote-fs.target + +[Service] +Type=oneshot +User=boop +Group=http +WorkingDirectory=/opt/boop +BindPaths=/opt/boop + +Environment=FLASK_APP=fhost +ExecStart=/opt/boop/.local/bin/flask prune +ProtectProc=noaccess +ProtectSystem=strict +ProtectHome=tmpfs +PrivateTmp=true +PrivateUsers=true +ProtectKernelLogs=true +LockPersonality=true + +[Install] +WantedBy=multi-user.target diff --git a/services/boop-prune.timer b/services/boop-prune.timer new file mode 100644 index 0000000..df6a594 --- /dev/null +++ b/services/boop-prune.timer @@ -0,0 +1,9 @@ +[Unit] +Description=Prune 0x0 files + +[Timer] +OnCalendar=hourly +Persistent=true + +[Install] +WantedBy=timers.target diff --git a/services/boop-vscan.service b/services/boop-vscan.service new file mode 100644 index 0000000..fbfd408 --- /dev/null +++ b/services/boop-vscan.service @@ -0,0 +1,23 @@ +[Unit] +Description=Scan 0x0 files with ClamAV +After=remote-fs.target clamd.service + +[Service] +Type=oneshot +User=boop +Group=http +WorkingDirectory=/opt/boop +BindPaths=/opt/boop + +Environment=FLASK_APP=fhost +ExecStart=/opt/boop/.local/bin/flask vscan +ProtectProc=noaccess +ProtectSystem=strict +ProtectHome=tmpfs +PrivateTmp=true +PrivateUsers=true +ProtectKernelLogs=true +LockPersonality=true + +[Install] +WantedBy=multi-user.target diff --git a/services/boop-vscan.timer b/services/boop-vscan.timer new file mode 100644 index 0000000..d2c6486 --- /dev/null +++ b/services/boop-vscan.timer @@ -0,0 +1,9 @@ +[Unit] +Description=Scan 0x0 files with ClamAV + +[Timer] +OnCalendar=hourly +Persistent=true + +[Install] +WantedBy=timers.target