infra/ansible-role-prometheus-opnsense-exporter
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ansible-role-prometheus-opn.../files/prometheus-opnsense-exporter.service
Julian Rother 0fdb74a9a2
Initial commit
2025-05-21 16:27:11 +02:00

33 lines
738 B
Desktop File
Raw Permalink Blame History

[Unit]
Description=Prometheus exporter for OPNsense metrics
Requires=network-online.target
After=network-online.target
[Service]
DynamicUser=yes
User=opnsense-exporter
Restart=on-failure
EnvironmentFile=-/etc/default/prometheus-opnsense-exporter
ExecStart=/usr/local/sbin/opnsense-exporter $OPNSENSE_EXPORTER_ARGS
LockPersonality=yes
MemoryDenyWriteExecute=yes
NoNewPrivileges=true
PrivateDevices=yes
PrivateTmp=disconnected
PrivateUsers=yes
ProcSubset=pid
ProtectClock=yes
ProtectControlGroups=strict
ProtectHome=yes
ProtectHostname=yes
ProtectKernelLogs=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
ProtectProc=invisible
ProtectSystem=strict
RestrictNamespaces=yes
RestrictRealtime=yes
[Install]
WantedBy=multi-user.target
Reference in a new issue View git blame Copy permalink