mirror of
https://github.com/netdata/netdata.git
synced 2021-06-06 23:03:21 +03:00
ba85771673
* Fix systemd comment syntax comments for systemd service files are only allowed in the beginning of a new line https://www.freedesktop.org/software/systemd/man/systemd.syntax.html otherwise you get error messages like ``` /usr/lib/systemd/system/netdata.service:48: Failed to parse capability in bounding/ambient set, ignoring: # ``` * remove trailing whitespaces
78 lines
2.8 KiB
SYSTEMD
78 lines
2.8 KiB
SYSTEMD
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
[Unit]
|
|
Description=Real time performance monitoring
|
|
|
|
# append here other services you want netdata to wait for them to start
|
|
After=network.target httpd.service squid.service nfs-server.service mysqld.service mysql.service named.service postfix.service chronyd.service
|
|
|
|
[Service]
|
|
Type=simple
|
|
User=netdata
|
|
Group=netdata
|
|
RuntimeDirectory=netdata
|
|
RuntimeDirectoryMode=0775
|
|
PIDFile=@localstatedir_POST@/run/netdata/netdata.pid
|
|
ExecStart=@sbindir_POST@/netdata -P @localstatedir_POST@/run/netdata/netdata.pid -D
|
|
ExecStartPre=/bin/mkdir -p @localstatedir_POST@/cache/netdata
|
|
ExecStartPre=/bin/chown -R netdata:netdata @localstatedir_POST@/cache/netdata
|
|
ExecStartPre=/bin/mkdir -p @localstatedir_POST@/run/netdata
|
|
ExecStartPre=/bin/chown -R netdata:netdata @localstatedir_POST@/run/netdata
|
|
ExecStopPost=@pluginsdir_POST@/reset_netdata_trace.sh
|
|
PermissionsStartOnly=true
|
|
|
|
# saving a big db on slow disks may need some time
|
|
TimeoutStopSec=150
|
|
|
|
# restart netdata if it crashes
|
|
Restart=on-failure
|
|
RestartSec=30
|
|
|
|
# The minimum netdata Out-Of-Memory (OOM) score.
|
|
# netdata (via [global].OOM score in netdata.conf) can only increase the value set here.
|
|
# To decrease it, set the minimum here and set the same or a higher value in netdata.conf.
|
|
# Valid values: -1000 (never kill netdata) to 1000 (always kill netdata).
|
|
OOMScoreAdjust=1000
|
|
|
|
# Valid policies: other (the system default) | batch | idle | fifo | rr
|
|
# To give netdata the max priority, set CPUSchedulingPolicy=rr and CPUSchedulingPriority=99
|
|
CPUSchedulingPolicy=idle
|
|
|
|
# This sets the scheduling priority (for policies: rr and fifo).
|
|
# Priority gets values 1 (lowest) to 99 (highest).
|
|
#CPUSchedulingPriority=1
|
|
|
|
# For scheduling policy 'other' and 'batch', this sets the lowest niceness of netdata (-20 highest to 19 lowest).
|
|
#Nice=0
|
|
|
|
# Capabilities
|
|
# is required for freeipmi and slabinfo plugins
|
|
CapabilityBoundingSet=CAP_DAC_OVERRIDE
|
|
# is required for apps plugin
|
|
CapabilityBoundingSet=CAP_DAC_READ_SEARCH
|
|
# is required for freeipmi plugin
|
|
CapabilityBoundingSet=CAP_FOWNER
|
|
# is required for apps, perf and slabinfo plugins
|
|
CapabilityBoundingSet=CAP_SETPCAP
|
|
# is required for perf plugin
|
|
CapabilityBoundingSet=CAP_SYS_ADMIN
|
|
# is required for apps plugin
|
|
CapabilityBoundingSet=CAP_SYS_PTRACE
|
|
# is required for ebpf plugin
|
|
CapabilityBoundingSet=CAP_SYS_RESOURCE
|
|
# is required for fping app
|
|
CapabilityBoundingSet=CAP_NET_RAW
|
|
# is required for cgroups plugin
|
|
CapabilityBoundingSet=CAP_SYS_CHROOT
|
|
|
|
# Sandboxing
|
|
ProtectSystem=full
|
|
ProtectHome=read-only
|
|
# PrivateTmp break netdatacli functionality. See - https://github.com/netdata/netdata/issues/7587
|
|
#PrivateTmp=true
|
|
ProtectControlGroups=true
|
|
# We whitelist this because it's the standard location to listen on a UNIX socket.
|
|
ReadWriteDirectories=/run/netdata
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|