|
|
|
@@ -1,39 +1,9 @@ |
|
|
|
[Unit] |
|
|
|
Description=Music Player Daemon |
|
|
|
Documentation=man:mpd(1) man:mpd.conf(5) |
|
|
|
Documentation=file:///usr/share/doc/mpd/html/user.html |
|
|
|
Description=SSHFS Daemon |
|
|
|
After=network.target sound.target |
|
|
|
|
|
|
|
[Service] |
|
|
|
Type=notify |
|
|
|
EnvironmentFile=/etc/default/mpd |
|
|
|
ExecStart=/usr/bin/mpd --no-daemon /etc/mpdf{{ item }}.conf |
|
|
|
|
|
|
|
# Enable this setting to ask systemd to watch over MPD, see |
|
|
|
# systemd.service(5). This is disabled by default because it causes |
|
|
|
# periodic wakeups which are unnecessary if MPD is not playing. |
|
|
|
#WatchdogSec=120 |
|
|
|
|
|
|
|
# allow MPD to use real-time priority 40 |
|
|
|
LimitRTPRIO=40 |
|
|
|
LimitRTTIME=infinity |
|
|
|
|
|
|
|
# for io_uring |
|
|
|
LimitMEMLOCK=64M |
|
|
|
|
|
|
|
# disallow writing to /usr, /bin, /sbin, ... |
|
|
|
ProtectSystem=yes |
|
|
|
|
|
|
|
# more paranoid security settings |
|
|
|
NoNewPrivileges=yes |
|
|
|
ProtectKernelTunables=yes |
|
|
|
ProtectControlGroups=yes |
|
|
|
ProtectKernelModules=yes |
|
|
|
# AF_NETLINK is required by libsmbclient, or it will exit() .. *sigh* |
|
|
|
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX AF_NETLINK |
|
|
|
RestrictNamespaces=yes |
|
|
|
|
|
|
|
[Install] |
|
|
|
WantedBy=multi-user.target |
|
|
|
Also=mpd.socket |
|
|
|
Type=simple |
|
|
|
ExecStart=/usr/bin/sshfs -o allow_root "{{ [username,'@',hostname,':',localpath,item'/',' ',remotepath,item'/' ]|join() }}" |
|
|
|
Restart=on-failure |
|
|
|
|
Erin Sims
hace 2 años