Fredrik Wahlberg
f36257226f
NoNewPrivileges=true prevents file capabilities from working. Since we need CAP_NET_RAW/CAP_NET_ADMIN for Bluetooth, we must disable this security feature.
33 lines
920 B
Desktop File
33 lines
920 B
Desktop File
[Unit]
|
|
Description=Sensorpajen - Bluetooth Temperature Sensor Monitor
|
|
Documentation=https://github.com/yourusername/sensorpajen
|
|
After=network.target bluetooth.target
|
|
Wants=bluetooth.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
WorkingDirectory=%h/sensorpajen
|
|
EnvironmentFile=%h/sensorpajen/config/sensorpajen.env
|
|
ExecStart=%h/sensorpajen/.venv/bin/python -m sensorpajen.main
|
|
Restart=always
|
|
RestartSec=10
|
|
|
|
# Bluetooth capabilities (alternative to setcap)
|
|
# Note: This requires systemd to be run with proper permissions
|
|
# If this doesn't work, use setcap on the Python binary instead
|
|
#AmbientCapabilities=CAP_NET_RAW CAP_NET_ADMIN
|
|
|
|
# Logging
|
|
StandardOutput=journal
|
|
StandardError=journal
|
|
SyslogIdentifier=sensorpajen
|
|
|
|
# Security
|
|
# Note: NoNewPrivileges=true can prevent file capabilities from working
|
|
# We need capabilities for Bluetooth access, so we can't use it
|
|
#NoNewPrivileges=true
|
|
PrivateTmp=true
|
|
|
|
[Install]
|
|
WantedBy=default.target
|