Expand public installation and API documentation

2026-03-12 14:35:39 +01:00
parent 34d6d3ddcb
commit f15839cf51
7 changed files with 907 additions and 103 deletions
--- a/examples/caddy-opnsense-blocker.service
+++ b/examples/caddy-opnsense-blocker.service
@@ -0,0 +1,31 @@
+[Unit]
+Description=Caddy OPNsense Blocker
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+User=blocker
+Group=blocker
+SupplementaryGroups=caddy
+WorkingDirectory=/var/lib/caddy-opnsense-blocker
+ExecStart=/usr/local/bin/caddy-opnsense-blocker -config /etc/caddy-opnsense-blocker/config.yaml
+Restart=always
+RestartSec=5s
+NoNewPrivileges=true
+PrivateTmp=true
+ProtectSystem=strict
+ProtectHome=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectControlGroups=true
+RestrictSUIDSGID=true
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
+LockPersonality=true
+MemoryDenyWriteExecute=true
+SystemCallArchitectures=native
+ReadWritePaths=/var/lib/caddy-opnsense-blocker
+ReadOnlyPaths=/etc/caddy-opnsense-blocker /var/log/caddy
+
+[Install]
+WantedBy=multi-user.target