]> arthur.barton.de Git - netdata.git/blobdiff - system/netdata.service.in
projects / netdata.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
proper log file management; re-opening logs on SIGHUP; updated logrotate; updated...
[netdata.git] / system / netdata.service.in
diff --git a/system/netdata.service.in b/system/netdata.service.in
index 0dd6eba38d9f18aa4f3d8ee922a3b00390c2e495..afdf0d78ce3c24422bd116c1f650ba32e47b8383 100644 (file)
--- a/system/netdata.service.in
+++ b/system/netdata.service.in
@@ -1,27 +1,44 @@
 [Unit]
-Description=Linux real time system monitoring, done right
+Description=Real time performance monitoring
 After=network.target httpd.service squid.service nfs-server.service mysqld.service named.service postfix.service
 
 [Service]
-Type=forking
+Type=simple
 WorkingDirectory=/tmp
 User=netdata
 Group=netdata
 RuntimeDirectory=netdata
-PIDFile=@localstatedir_POST@/run/netdata/netdata.pid
-ExecStart=@sbindir_POST@/netdata -P @localstatedir_POST@/run/netdata/netdata.pid
+ExecStartPre=/bin/mkdir -p @localstatedir_POST@/run/netdata
+ExecStartPre=/bin/chown -R netdata:netdata @localstatedir_POST@/run/netdata
+ExecStartPre=/bin/chmod 0775 @localstatedir_POST@/run/netdata
+ExecStart=@sbindir_POST@/netdata -D -P @localstatedir_POST@/run/netdata/netdata.pid
+
+# -----------------------------------------------------------------------------
+# Stopping netdata
+
 KillMode=mixed
 KillSignal=SIGTERM
-TimeoutStopSec=30
 
-#Hardening
+# saving a big db on slow disks may need some time
+TimeoutStopSec=60
+
+# and disable SIGKILL - if sent during save, we will loose the db
+SendSIGKILL=no
+
+# -----------------------------------------------------------------------------
+# Hardening netdata
+
 AmbientCapabilities=CAP_DAC_READ_SEARCH CAP_SYS_PTRACE
 CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_SYS_PTRACE
 PrivateTmp=true
 ProtectSystem=full
 ProtectHome=read-only
-#NoNewPrivileges=true is implicitly set by the MemoryDenyWriteExecute=true
-MemoryDenyWriteExecute=true
+
+# is implicitly set by the MemoryDenyWriteExecute=true
+# NoNewPrivileges=true
+
+# Do not enable - it makes node.js plugins to crash
+# MemoryDenyWriteExecute=true
 
 [Install]
 WantedBy=multi-user.target
NetData