diff options
| author | ctp-tsteenholdt <tsteenholdt@cascadetechnologypartners.com> | 2018-04-20 08:34:12 -0200 |
|---|---|---|
| committer | ctp-tsteenholdt <tsteenholdt@cascadetechnologypartners.com> | 2018-04-20 08:34:12 -0200 |
| commit | 2a87b1b07c5c4f8b9b34747c5f254c2ae1e824bf (patch) | |
| tree | a1751059eac3cc5f8f535188c9f882553c8881a5 /contrib/debian/bitcoind.service | |
| parent | 9085532d35207c4a7690812ae82e476cf518d451 (diff) | |
Add systemd service for bitcoind
Adding systemd service for bitcoind, to provide for a simpler
out-of-the-box experience.
Configuration file is /etc/bitcoin/bitcoin.conf. This file is a
copy of the sample configuration file.
The service user 'bitcoin' is added during install. Its homedir
is in '/var/lib/bitcoin'.
bitcoind.service is disabled by default to allow the user to
configure it, before starting it the first time.
On package purge, the 'bitcoin' user as well as its homedir is
left intact, to not accidentally remove a wallet or something of
equal importance. Instead the user is presented with information
on how to perform the cleanup manually, after making sure all
important data has been backed up.
Diffstat (limited to 'contrib/debian/bitcoind.service')
| -rw-r--r-- | contrib/debian/bitcoind.service | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/contrib/debian/bitcoind.service b/contrib/debian/bitcoind.service new file mode 100644 index 0000000000..26c771f256 --- /dev/null +++ b/contrib/debian/bitcoind.service @@ -0,0 +1,45 @@ +# It is not recommended to modify this file in-place, because it will +# be overwritten during package upgrades. If you want to add further +# options or overwrite existing ones then use +# $ systemctl edit bitcoind.service +# See "man systemd.service" for details. + +# Note that almost all daemon options could be specified in +# /etc/bitcoin/bitcoin.conf + +[Unit] +Description=Bitcoin daemon +After=network.target + +[Service] +ExecStart=/usr/bin/bitcoind -daemon -datadir=/var/lib/bitcoin -conf=/etc/bitcoin/bitcoin.conf -pid=/run/bitcoind/bitcoind.pid +# Creates /run/bitcoind owned by bitcoin +RuntimeDirectory=bitcoind +User=bitcoin +Type=forking +PIDFile=/run/bitcoind/bitcoind.pid +Restart=on-failure + +# Hardening measures +#################### + +# Provide a private /tmp and /var/tmp. +PrivateTmp=true + +# Mount /usr, /boot/ and /etc read-only for the process. +ProtectSystem=full + +# Disallow the process and all of its children to gain +# new privileges through execve(). +NoNewPrivileges=true + +# Use a new /dev namespace only populated with API pseudo devices +# such as /dev/null, /dev/zero and /dev/random. +PrivateDevices=true + +# Deny the creation of writable and executable memory mappings. +# Commented out as it's not supported on Debian 8 or Ubuntu 16.04 LTS +#MemoryDenyWriteExecute=true + +[Install] +WantedBy=multi-user.target |