Rename to stash

1 files changed, 33 insertions, 0 deletions

diff --git a/stash.service b/stash.service
new file mode 100644
index 0000000..24a1727
--- /dev/null
+++ b/stash.service
@@ -0,0 +1,33 @@
+[Unit]
+Description=Saved articles tracker
+
+[Service]
+User=history
+Restart=always
+ExecStart=/usr/bin/history
+StateDirectory=history
+ConfigurationDirectory=history
+WorkingDirectory=/var/lib/history
+
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+NoNewPrivileges=true
+SystemCallFilter=@system-service
+SystemCallErrorNumber=EPERM
+
+ProtectSystem=strict
+ProtectHome=true
+PrivateTmp=true
+PrivateDevices=true
+ExecPaths=/usr/bin/history
+
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+ProtectClock=true
+RestrictRealtime=true
+RestrictSUIDSGID=true
+
+[Install]
+WantedBy=multi-user.target