v1.14.6/.release/linux/package/usr/lib/systemd/system/vault.service - hashicorp/vault - Git at Google

 [Unit]
 Description="HashiCorp Vault - A tool for managing secrets"
 Documentation=https://www.vaultproject.io/docs/
 Requires=network-online.target
 After=network-online.target
 ConditionFileNotEmpty=/etc/vault.d/vault.hcl
 StartLimitIntervalSec=60
 StartLimitBurst=3

 [Service]
 Type=notify
 EnvironmentFile=/etc/vault.d/vault.env
 User=vault
 Group=vault
 ProtectSystem=full
 ProtectHome=read-only
 PrivateTmp=yes
 PrivateDevices=yes
 SecureBits=keep-caps
 AmbientCapabilities=CAP_IPC_LOCK
 CapabilityBoundingSet=CAP_SYSLOG CAP_IPC_LOCK
 NoNewPrivileges=yes
 ExecStart=/usr/bin/vault server -config=/etc/vault.d/vault.hcl
 ExecReload=/bin/kill --signal HUP $MAINPID
 KillMode=process
 KillSignal=SIGINT
 Restart=on-failure
 RestartSec=5
 TimeoutStopSec=30
 LimitNOFILE=65536
 LimitMEMLOCK=infinity

 [Install]
 WantedBy=multi-user.target
	[Unit]
	Description="HashiCorp Vault - A tool for managing secrets"
	Documentation=https://www.vaultproject.io/docs/
	Requires=network-online.target
	After=network-online.target
	ConditionFileNotEmpty=/etc/vault.d/vault.hcl
	StartLimitIntervalSec=60
	StartLimitBurst=3

	[Service]
	Type=notify
	EnvironmentFile=/etc/vault.d/vault.env
	User=vault
	Group=vault
	ProtectSystem=full
	ProtectHome=read-only
	PrivateTmp=yes
	PrivateDevices=yes
	SecureBits=keep-caps
	AmbientCapabilities=CAP_IPC_LOCK
	CapabilityBoundingSet=CAP_SYSLOG CAP_IPC_LOCK
	NoNewPrivileges=yes
	ExecStart=/usr/bin/vault server -config=/etc/vault.d/vault.hcl
	ExecReload=/bin/kill --signal HUP $MAINPID
	KillMode=process
	KillSignal=SIGINT
	Restart=on-failure
	RestartSec=5
	TimeoutStopSec=30
	LimitNOFILE=65536
	LimitMEMLOCK=infinity

	[Install]
	WantedBy=multi-user.target