titanz/NGINX-Configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make /var/lib/nginx optional

Browse Source 
So it's easier to reuse this in distros like Ubuntu

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2024-06-24 23:47:16 -07:00 committed by GitHub
parent 9dc93e73fe
commit b8c460073a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
etc/systemd/system/nginx.service.d/override.conf
View File

@ -18,7 +18,7 @@ ProtectKernelModules=true
ProtectKernelTunables=true ProtectKernelTunables=true
ProtectProc=invisible ProtectProc=invisible
ProtectSystem=strict ProtectSystem=strict
ReadWritePaths=/var/lib/nginx /var/log/nginx -/var/cache/nginx ReadWritePaths=-/var/lib/nginx /var/log/nginx -/var/cache/nginx
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
RestrictNamespaces=true RestrictNamespaces=true
RestrictRealtime=true RestrictRealtime=true
@ -27,4 +27,4 @@ RuntimeDirectory=nginx
RuntimeDirectoryMode=700 RuntimeDirectoryMode=700
SystemCallArchitectures=native SystemCallArchitectures=native
SystemCallFilter=@system-service SystemCallFilter=@system-service
SystemCallFilter=~@obsolete SystemCallFilter=~@obsolete