summaryrefslogtreecommitdiffstats
path: root/distro/common/knot.service
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--distro/common/knot.service30
1 files changed, 30 insertions, 0 deletions
diff --git a/distro/common/knot.service b/distro/common/knot.service
new file mode 100644
index 0000000..e6c13ed
--- /dev/null
+++ b/distro/common/knot.service
@@ -0,0 +1,30 @@
+[Unit]
+Description=Knot DNS server
+Wants=network-online.target
+After=network-online.target
+Documentation=man:knotd(8) man:knot.conf(5) man:knotc(8)
+
+[Service]
+Type=notify
+User=knot
+Group=knot
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETPCAP
+AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_SETPCAP
+ExecStartPre=/usr/sbin/knotc conf-check
+ExecStart=/usr/sbin/knotd -m "$KNOT_CONF_MAX_SIZE"
+ExecReload=/bin/kill -HUP $MAINPID
+Restart=on-abort
+LimitNOFILE=1048576
+TimeoutStopSec=300
+# Extend the systemd startup timeout by this value (seconds) for each zone
+Environment="KNOT_ZONE_LOAD_TIMEOUT_SEC=180"
+# Maximum size (MiB) of a configuration database
+Environment="KNOT_CONF_MAX_SIZE=512"
+
+# Expected systemd >= v239
+RuntimeDirectory=knot
+StateDirectory=knot
+NoNewPrivileges=yes
+
+[Install]
+WantedBy=multi-user.target