|
|
@@ -43,5 +43,13 @@ RestrictRealtime=true
|
|
|
# https://www.freedesktop.org/software/systemd/man/systemd.exec.html#ReadWritePaths=
|
|
|
ReadWritePaths=/run
|
|
|
|
|
|
+# Allow miniflux to bind to <1024 ports
|
|
|
+# https://www.freedesktop.org/software/systemd/man/systemd.exec.html#AmbientCapabilities=
|
|
|
+AmbientCapabilities=CAP_NET_BIND_SERVICE
|
|
|
+
|
|
|
+# Provide a private /tmp for CERT_CACHE (required when using Let's Encrypt)
|
|
|
+# https://www.freedesktop.org/software/systemd/man/systemd.exec.html#PrivateTmp=
|
|
|
+PrivateTmp=true
|
|
|
+
|
|
|
[Install]
|
|
|
WantedBy=multi-user.target
|
Jean Paul Galea