Jeena
caf9d0984f
- Add tokio signal handling for SIGHUP - Implement thread-safe TLS acceptor reloading with Mutex - Modify main loop to handle signals alongside connections - Update systemd service (already had ExecReload) - Add certbot hook script documentation to INSTALL.md - Enable zero-downtime certificate renewal support
26 lines
No EOL
799 B
Desktop File
26 lines
No EOL
799 B
Desktop File
[Unit]
|
|
Description=Pollux Gemini Server
|
|
After=network.target
|
|
Wants=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
ExecStart=/usr/local/bin/pollux
|
|
ExecReload=/bin/kill -HUP $MAINPID
|
|
Restart=on-failure
|
|
RestartSec=5
|
|
User=gemini
|
|
Group=gemini
|
|
NoNewPrivileges=yes
|
|
ProtectHome=yes
|
|
ProtectSystem=strict
|
|
ReadOnlyPaths=/etc/pollux /etc/letsencrypt/live/example.com /var/www/example.com
|
|
# NOTE: Adjust /etc/letsencrypt/live/example.com and /var/www/example.com to match your config
|
|
# The server needs read access to config, certificates, and content files
|
|
# NOTE: Adjust paths to match your config:
|
|
# - /etc/letsencrypt/live/example.com for Let's Encrypt certs
|
|
# - /var/www/example.com for your content root
|
|
# The server needs read access to config, certificates, and content files
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target |