@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.)
hq.recaptime.dev/wiki/Phorge
phorge
phabricator
1[Unit]
2Description=Phorge Daemons
3Documentation=https://we.phorge.it/book/phorge/article/managing_daemons/
4# Want this so that there is a greater chance phd will start up successfully
5# when mysql is on a remote host.
6Wants=network-online.target
7After=local-fs.target network-online.target syslog.socket
8
9[Service]
10Type=forking
11EnvironmentFile=/etc/phorge/environment
12User=daemon-user
13Group=daemon-user
14ExecStart="${PHORGE_ROOT}/bin/phd" start
15ExecReload="${PHORGE_ROOT}/bin/phd" reload
16ExecStop="${PHORGE_ROOT}/bin/phd" stop
17
18Restart=on-failure
19
20ProtectHome=tmpfs
21ProtectHostname=yes
22ProtectKernelLogs=yes
23ProtectKernelModules=yes
24ProtectKernelTunables=yes
25ProtectSystem=full
26ProtectProc=invisible
27ProtectControlGroups=strict
28PrivateDevices=yes
29PrivateIPC=yes
30PrivateTmp=yes
31PrivateUsers=yes
32
33[Install]
34WantedBy=multi-user.target