website/systemd/conservancy-www-cleanup.service

[Unit]
Description=Cleanup Conservancy website
Before=apache2.service

[Service]
Type=oneshot
User=www
ExecStart=/usr/bin/python /var/www/website/www/manage.py clearsessions --verbosity 0

SystemCallFilter=~@clock @cpu-emulation @debug @module @mount @obsolete
CapabilityBoundingSet=
NoNewPrivileges=true

PrivateDevices=true
PrivateNetwork=true
PrivateTmp=true
PrivateUsers=true
ProtectControlGroups=true
ProtectHome=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectSystem=strict
ReadWritePaths=/var/lib/www/database

[Install]
WantedBy=apache2.service
systemd: Replace cron infrastructure. 2019-11-23 18:20:09 -05:00			`[Unit]`
			`Description=Cleanup Conservancy website`
			`Before=apache2.service`

			`[Service]`
			`Type=oneshot`
			`User=www`
			`ExecStart=/usr/bin/python /var/www/website/www/manage.py clearsessions --verbosity 0`

			`SystemCallFilter=~@clock @cpu-emulation @debug @module @mount @obsolete`
			`CapabilityBoundingSet=`
			`NoNewPrivileges=true`

			`PrivateDevices=true`
			`PrivateNetwork=true`
			`PrivateTmp=true`
			`PrivateUsers=true`
			`ProtectControlGroups=true`
			`ProtectHome=true`
			`ProtectKernelModules=true`
			`ProtectKernelTunables=true`
			`ProtectSystem=strict`
			`ReadWritePaths=/var/lib/www/database`

			`[Install]`
			`WantedBy=apache2.service`