diff options
author | Christian Pointner <equinox@spreadspace.org> | 2023-08-25 11:56:39 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2023-08-25 11:56:39 +0200 |
commit | a23f082a05f614cb54016634670cde315b2fc5d8 (patch) | |
tree | c9c25fbec1dfa8478dc154f014be97fc154e804c /roles/monitoring/prometheus/exporter | |
parent | update repo key for grafana apt repo (diff) |
prometheus/nftables exporter: fix sytemd service unit
Diffstat (limited to 'roles/monitoring/prometheus/exporter')
-rw-r--r-- | roles/monitoring/prometheus/exporter/nftables/templates/service.j2 | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/roles/monitoring/prometheus/exporter/nftables/templates/service.j2 b/roles/monitoring/prometheus/exporter/nftables/templates/service.j2 index b22d9582..ad67b0cf 100644 --- a/roles/monitoring/prometheus/exporter/nftables/templates/service.j2 +++ b/roles/monitoring/prometheus/exporter/nftables/templates/service.j2 @@ -1,12 +1,10 @@ [Unit] Description=Prometheus nftables exporter -After=systemd-modules-load.service [Service] Restart=always User=prometheus-exporter ExecStart=/usr/bin/prometheus-nftables-exporter --config=/etc/prometheus/exporter/nftables/config.yml -ExecReload=/bin/kill -HUP $MAINPID # systemd hardening-options AmbientCapabilities=CAP_NET_ADMIN @@ -16,6 +14,7 @@ DevicePolicy=strict LockPersonality=true MemoryDenyWriteExecute=true NoNewPrivileges=true +PrivateDevices=true PrivateTmp=true ProtectControlGroups=true ProtectHome=true |