Add restart and security to systemd unit file
This makes three changes to the stock systemd unit file for Comentario:
- It adds `Restart=always`, so Comentario will restart if it crashes or otherwise quits. Systemd will rate-limit the restarts, so repeated crashes won't be a system-level problem.
- It changes the type from `simple` to `exec`, as recommended by systemd's documentation.
- It adds a bunch of security filters that reduce Comentario's access to the system, as recommended by `systemd-analyze security comentario`.
The security changes are relatively minor, but they're the bulk of this change. They all remove permissions, and I've verified that they still work with my running sqlite-backed instance. This is enough to get `systemd-analyze` to drop Comentario's "exposure level" from 9.6 to 3.9; it's an arbitrary number, and I'm not generally that worried about Go code as a security problem, but there's no real need for Comentario to be able to reboot the system, install kernel modules, make network changes, etc., and this removes the bulk of that while still leaving most debugging and system introspection abilities intact.
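For readers unfamiliar with what such a unit looks like, here is an added illustration of the three kinds of change described above; it is not the unit file from this PR or from the Comentario project. The binary path, service user and data directory are placeholders, and the hardening directives are my own selection of standard systemd options, not necessarily the ones in this patch.

```ini
# Added example, not the unit file from this change or the Comentario project.
# Paths and user are placeholders; directives are standard systemd options.
[Unit]
Description=Comentario comment server
After=network-online.target
Wants=network-online.target
# Restart rate limit (these are systemd's defaults): more than 5 starts
# within 10 s puts the unit into the failed state instead of looping.
StartLimitIntervalSec=10
StartLimitBurst=5

[Service]
# exec marks the start job failed if the binary cannot be executed;
# simple reports success as soon as the service process is forked.
Type=exec
User=comentario
Group=comentario
ExecStart=/usr/local/bin/comentario
WorkingDirectory=/var/lib/comentario
Restart=always

# Filesystem: read-only system, no home directories, one writable path
# for the sqlite database.
NoNewPrivileges=yes
ProtectSystem=strict
ProtectHome=yes
ReadWritePaths=/var/lib/comentario
PrivateTmp=yes
PrivateDevices=yes
# Kernel and host: no module loading, no sysctl writes, no clock or
# hostname changes, no cgroup manipulation.
ProtectKernelModules=yes
ProtectKernelTunables=yes
ProtectControlGroups=yes
ProtectClock=yes
ProtectHostname=yes
# Process: no capabilities at all (covers reboot and network
# configuration), no new namespaces, no setuid binaries, only the
# socket families a web server needs, and a system-service syscall set.
CapabilityBoundingSet=
RestrictNamespaces=yes
RestrictSUIDSGID=yes
LockPersonality=yes
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
SystemCallArchitectures=native
SystemCallFilter=@system-service

[Install]
WantedBy=multi-user.target
```

After `systemctl daemon-reload`, `systemd-analyze security comentario` lists each directive with its contribution to the exposure score, which is the quickest way to see which lines still matter for a given deployment.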