This unit is provided by:
Options
-
[Service]-
BindPaths=/var/lib/paperless/consume /var/lib/paperless /var/lib/paperless/media
-
BindReadOnlyPaths=/nix/store -/etc/resolv.conf -/etc/nsswitch.conf -/etc/hosts -/etc/localtime -/run/postgresql /run/redis-paperless/redis.sock -
CapabilityBoundingSet= -
DeviceAllow= -
Environment="GUNICORN_CMD_ARGS=--bind=localhost:28981" "PAPERLESS_CONSUMPTION_DIR=/var/lib/paperless/consume" "PAPERLESS_DATA_DIR=/var/lib/paperless" "PAPERLESS_MEDIA_ROOT=/var/lib/paperless/media" "PAPERLESS_REDIS=unix:///run/redis-paperless/redis.sock" -
ExecStart=/usr/bin/paperless-ngx document_consumer -
LockPersonalityIntroduced in systemd 235=yes -
MemoryDenyWriteExecuteIntroduced in systemd 231=yes -
NoNewPrivilegesIntroduced in systemd 239=yes -
PrivateDevicesIntroduced in systemd 209=yes -
PrivateMounts=yes -
PrivateNetwork=yes -
PrivateTmp=yes -
PrivateUsers=yes -
ProtectClockIntroduced in systemd 245=yes -
ProtectControlGroupsIntroduced in systemd 232=yes -
ProtectHostnameIntroduced in systemd 242=yes -
ProtectKernelLogsIntroduced in systemd 244=yes -
ProtectKernelModulesIntroduced in systemd 232=yes -
ProtectKernelTunablesIntroduced in systemd 232=yes -
ProtectProcIntroduced in systemd 247=invisible -
Restart=on-failure -
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 -
RestrictNamespacesIntroduced in systemd 233=yes -
RestrictRealtimeIntroduced in systemd 231=yes -
RestrictSUIDSGIDIntroduced in systemd 242=yes -
SupplementaryGroups=redis-paperless -
SystemCallArchitectures=native -
SystemCallFilter=@system-service ~@privileged @setuid @keyring -
TemporaryFileSystem=/:ro -
User=paperless
-
-
[Unit]-
After=paperless-scheduler.service -
BindsTo=paperless-scheduler.service -
Description=Paperless document consumer
-
Additionnal notes
Nothing here.