2 files changed, 32 insertions, 3 deletions

diff --git a/app-metrics/alertmanager/alertmanager-0.21.0-r1.ebuild b/app-metrics/alertmanager/alertmanager-0.21.0-r2.ebuild
index 7905234ae370..d32f697ad15c 100644
--- a/app-metrics/alertmanager/alertmanager-0.21.0-r1.ebuild
+++ b/app-metrics/alertmanager/alertmanager-0.21.0-r2.ebuild
@@ -3,7 +3,7 @@
 
 EAPI=7
 
-inherit go-module
+inherit go-module systemd
 
 GIT_COMMIT=4c6c03eb
 MY_PV="${PV/_rc/-rc.}"
@@ -41,9 +41,10 @@ src_install() {
 	dobin bin/*
 	dodoc {README,CHANGELOG}.md
 	insinto /etc/alertmanager/
-	newins doc/examples/simple.yml config.yml.example
+	newins doc/examples/simple.yml config.yml
 	keepdir /var/lib/alertmanager /var/log/alertmanager
+	systemd_dounit "${FILESDIR}"/alertmanager.service
 	newinitd "${FILESDIR}"/${PN}.initd ${PN}
 	newconfd "${FILESDIR}"/${PN}.confd ${PN}
-	fowners ${PN}:${PN} /var/lib/alertmanager /var/log/alertmanager
+	fowners ${PN}:${PN} /etc/alertmanager /var/lib/alertmanager /var/log/alertmanager
 }
diff --git a/app-metrics/alertmanager/files/alertmanager.service b/app-metrics/alertmanager/files/alertmanager.service
new file mode 100644
index 000000000000..b97976dd8dc8
--- /dev/null
+++ b/app-metrics/alertmanager/files/alertmanager.service
@@ -0,0 +1,28 @@
+[Unit]
+Description=Alertmanager for prometheus
+Documentation=https://prometheus.io/docs/alerting/alertmanager/
+Requires=network-online.target
+After=network-online.target
+
+[Service]
+User=alertmanager
+ExecStart=/usr/bin/alertmanager --cluster.listen-address= --config.file=/etc/alertmanager/config.yml --storage.path=/var/lib/alertmanager/
+ExecReload=/bin/kill -HUP $MAINPID
+
+NoNewPrivileges=true
+ProtectHome=true
+ProtectSystem=full
+ProtectHostname=true
+ProtectControlGroups=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+LockPersonality=true
+PrivateTmp=true
+PrivateDevices=True
+RestrictRealtime=true
+CapabilityBoundingSet=
+SystemCallArchitectures=native
+MemoryDenyWriteExecute=true
+
+[Install]
+WantedBy=multi-user.target