This unit is provided by:
Options
-
[Install]
-
WantedBy=multi-user.target
-
-
[Service]
-
AmbientCapabilities=CAP_NET_BIND_SERVICE
-
CPUSchedulingPolicy=other
-
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
-
EnvironmentFile=-/etc/sysconfig/coturn-%i
-
ExecReload=/bin/kill -HUP $MAINPID
-
ExecStart=/usr/bin/turnserver -c /etc/coturn/%i.conf --pidfile /run/coturn/turnserver-%i.pid $EXTRA_OPTIONS
-
Group=coturn
-
LimitCORE=infinity
-
LimitNOFILE=999999
-
LimitNPROC=60000
-
LimitRTPRIO=infinity
-
LimitRTTIME=7000000
-
LockPersonality
Introduced in systemd 235=yes -
MemoryDenyWriteExecute
Introduced in systemd 231=yes -
MountFlags=private
-
NoNewPrivileges
Introduced in systemd 239=yes -
PIDFile=/run/coturn/turnserver.pid
-
PrivateDevices
Introduced in systemd 209=yes -
PrivateTmp=yes
-
ProtectClock
Introduced in systemd 245=yes -
ProtectControlGroups
Introduced in systemd 232=yes -
ProtectHome
Introduced in systemd 214=yes -
ProtectHostname
Introduced in systemd 242=yes -
ProtectKernelLogs
Introduced in systemd 244=yes -
ProtectKernelModules
Introduced in systemd 232=yes -
ProtectKernelTunables
Introduced in systemd 232=yes -
ProtectSystem
Introduced in systemd 214=full -
RemoveIPC
Introduced in systemd 232=yes -
Restart=on-abort
-
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
-
RestrictNamespaces
Introduced in systemd 233=yes -
RestrictRealtime
Introduced in systemd 231=yes -
RestrictSUIDSGID
Introduced in systemd 242=yes -
SystemCallArchitectures=native
-
SystemCallFilter=~@clock @debug @module @mount @raw-io @reboot @swap @privileged @resources @cpu-emulation @obsolete
-
Type=simple
-
UMask=0007
-
User=coturn
-
-
[Unit]
-
After=syslog.target network.target
-
Description=STUN and TURN relay server for VoIP and WebRTC %i
-
Documentation=man:coturn(1) man:turnadmin(1) man:turnserver(1)
-
Additionnal notes
Nothing here.