yumoqing
514ab91e01
- install-service.py: 自动生成 hermes-service.service 文件 - 自动检测 .venv Python 或系统 Python - 所有路径基于脚本所在目录动态计算,无硬编码 - 支持 --install 一键安装到 /etc/systemd/system - 包含安全加固: NoNewPrivileges, ProtectSystem, ProtectHome - 日志输出到 journal,方便 systemctl status/journalctl 查看
28 lines
592 B
Desktop File
28 lines
592 B
Desktop File
[Unit]
|
|
Description=Hermes Service - AI Agent HTTP API
|
|
After=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
User=hermesai
|
|
Group=hermesai
|
|
WorkingDirectory=/d/hermesai/repos/hermes-service
|
|
ExecStart=/usr/bin/python3 /d/hermesai/repos/hermes-service/main.py
|
|
Restart=always
|
|
RestartSec=5
|
|
StandardOutput=journal
|
|
StandardError=journal
|
|
|
|
# Environment
|
|
Environment="HOME=/d/hermesai"
|
|
Environment="PYTHONUNBUFFERED=1"
|
|
|
|
# Security hardening
|
|
NoNewPrivileges=true
|
|
ProtectSystem=strict
|
|
ProtectHome=read-only
|
|
ReadWritePaths=/d/hermesai/users /d/hermesai/repos/hermes-service/data
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|