43 lines
1.1 KiB
Desktop File
43 lines
1.1 KiB
Desktop File
[Unit]
|
|
Description=Expose MCP Browser via HTTP bridge
|
|
Documentation=https://github.com/Xilope0/mcp-browser
|
|
After=network-online.target
|
|
Wants=network-online.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
Environment="PYTHONUNBUFFERED=1"
|
|
Environment="MCP_PROXY_BIN=%h/.local/bin/mcp-proxy"
|
|
Environment="MCP_PROXY_ALLOW_ORIGIN=https://platform.openai.com"
|
|
Environment="MCP_PROXY_PORT=14001"
|
|
Environment="MCP_PROXY_CONFIG=%h/.config/mcp-browser/proxy.yaml"
|
|
Environment="MCP_PROXY_EXTRA_ARGS="
|
|
EnvironmentFile=-%h/.config/mcp-browser/proxy.env
|
|
|
|
ExecStart=/usr/bin/env sh -c '\
|
|
set -eu; \
|
|
exec "$MCP_PROXY_BIN" \
|
|
--allow-origin "$MCP_PROXY_ALLOW_ORIGIN" \
|
|
--port "$MCP_PROXY_PORT" \
|
|
--named-server-config "$MCP_PROXY_CONFIG" \
|
|
$MCP_PROXY_EXTRA_ARGS'
|
|
|
|
Restart=on-failure
|
|
RestartSec=5
|
|
NoNewPrivileges=yes
|
|
ProtectSystem=strict
|
|
ProtectHome=read-only
|
|
PrivateTmp=yes
|
|
ProtectControlGroups=yes
|
|
ProtectKernelTunables=yes
|
|
ProtectKernelModules=yes
|
|
LockPersonality=yes
|
|
MemoryDenyWriteExecute=yes
|
|
RestrictSUIDSGID=yes
|
|
RestrictRealtime=yes
|
|
RestrictNamespaces=yes
|
|
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
|
|
|
|
[Install]
|
|
WantedBy=default.target
|