28 lines
729 B
INI
28 lines
729 B
INI
[Unit]
|
||
Description=Telegram CLI Bot
|
||
After=network.target
|
||
|
||
[Service]
|
||
Type=simple
|
||
User=%USER%
|
||
WorkingDirectory=%WORKDIR%
|
||
Environment="PATH=%VENV_PATH%:/home/%USER%/.config/nvm/versions/node/v24.13.1/bin:/usr/local/bin:/usr/bin:/bin"
|
||
Environment="QWEN_CODE_PATH=%VENV_PATH%/qwen"
|
||
Environment="NVM_DIR=/home/%USER%/.nvm"
|
||
ExecStart=%VENV_PATH%/python bot.py
|
||
Restart=always
|
||
RestartSec=10
|
||
StandardOutput=journal
|
||
StandardError=journal
|
||
SyslogIdentifier=telegram-bot
|
||
|
||
# Security hardening с исключениями для работы бота
|
||
NoNewPrivileges=true
|
||
ProtectSystem=strict
|
||
ProtectHome=read-only
|
||
PrivateTmp=true
|
||
ReadWritePaths=%WORKDIR% %HOME%/.npm-global %HOME%/.nvm %HOME%/.config/nvm
|
||
|
||
[Install]
|
||
WantedBy=multi-user.target
|