37 lines
717 B
Plaintext
37 lines
717 B
Plaintext
[Unit]
|
|
Description=Unifi Network
|
|
Wants=network.target
|
|
After=network.target
|
|
|
|
[Container]
|
|
Image=lscr.io/linuxserver/unifi-controller
|
|
Volume=/var/lib/unifi:/config:rw,Z
|
|
NoNewPrivileges=yes
|
|
UserNS=auto:gidmapping=911:911:1,uidmapping=911:911:1
|
|
VolatileTmp=yes
|
|
Notify=yes
|
|
Pod=unifi.pod
|
|
PublishPort=6789:6789
|
|
PublishPort=8080:8080
|
|
PublishPort=8443:8443
|
|
PublishPort=8843:8843
|
|
PublishPort=8880:8880
|
|
|
|
[Service]
|
|
TimeoutStartSec=5min
|
|
Restart=always
|
|
PrivateTmp=yes
|
|
ProtectClock=yes
|
|
ProtectHome=yes
|
|
ProtectKernelModules=yes
|
|
ProtectProc=invisible
|
|
ProtectSystem=strict
|
|
ReadWritePaths=/run
|
|
ReadWritePaths=/var/lib/containers/storage
|
|
ReadWritePaths=/var/lib/unifi
|
|
RestrictRealtime=yes
|
|
UMask=0077
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|