diff options
| author | Daiyuu Nobori <da.git@softether.co.jp> | 2016-11-27 11:54:12 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-11-27 11:54:12 +0300 |
| commit | ec5fb8ead7d3f1f05b819641d8993fb5d5591b73 (patch) | |
| tree | 59342a658d70514cabc57ad0e303f7624b68453a | |
| parent | b6d855f8c87480d8c33c4c43a6349386dde830a8 (diff) | |
| parent | a9b9afc806a5df8598fd9acda2424d9c48ac8462 (diff) | |
Merge pull request #180 from hsaito/master
Systemd service configuration files for SoftEther
| -rw-r--r-- | systemd/softether-vpnbridge.service | 23 | ||||
| -rw-r--r-- | systemd/softether-vpnclient.service | 25 | ||||
| -rw-r--r-- | systemd/softether-vpnserver.service | 25 |
3 files changed, 73 insertions, 0 deletions
diff --git a/systemd/softether-vpnbridge.service b/systemd/softether-vpnbridge.service new file mode 100644 index 00000000..2f508820 --- /dev/null +++ b/systemd/softether-vpnbridge.service @@ -0,0 +1,23 @@ +[Unit] +Description=SoftEther VPN Bridge +After=network.target auditd.service +ConditionPathExists=!/opt/vpnbridge/do_not_run + +[Service] +Type=forking +ExecStart=/opt/vpnbridge/vpnbridge start +ExecStop=/opt/vpnbridge/vpnbridge stop +KillMode=process +Restart=on-failure + +# Hardening +PrivateTmp=yes +ProtectHome=yes +ProtectSystem=full +ReadOnlyDirectories=/ +ReadWriteDirectories=-/opt/vpnbridge +CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID + +[Install] +WantedBy=multi-user.target + diff --git a/systemd/softether-vpnclient.service b/systemd/softether-vpnclient.service new file mode 100644 index 00000000..1e9dbd0e --- /dev/null +++ b/systemd/softether-vpnclient.service @@ -0,0 +1,25 @@ +[Unit] +Description=SoftEther VPN Client +After=network.target auditd.service +ConditionPathExists=!/opt/vpnclient/do_not_run + +[Service] +Type=forking +EnvironmentFile=-/opt/vpnclient +ExecStart=/opt/vpnclient/vpnclient start +ExecStop=/opt/vpnclient/vpnclient stop +KillMode=process +Restart=on-failure + +# Hardening +PrivateTmp=yes +ProtectHome=yes +ProtectSystem=full +ReadOnlyDirectories=/ +ReadWriteDirectories=-/opt/vpnclient +CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID + +[Install] +WantedBy=multi-user.target + + diff --git a/systemd/softether-vpnserver.service b/systemd/softether-vpnserver.service new file mode 100644 index 00000000..951b13db --- /dev/null +++ b/systemd/softether-vpnserver.service @@ -0,0 +1,25 @@ +[Unit] +Description=SoftEther VPN Server +After=network.target auditd.service +ConditionPathExists=!/opt/vpnserver/do_not_run + +[Service] +Type=forking +EnvironmentFile=-/opt/vpnserver +ExecStart=/opt/vpnserver/vpnserver start +ExecStop=/opt/vpnserver/vpnserver stop +KillMode=process +Restart=on-failure + +# Hardening +PrivateTmp=yes +ProtectHome=yes +ProtectSystem=full +ReadOnlyDirectories=/ +ReadWriteDirectories=-/opt/vpnserver +CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID + +[Install] +WantedBy=multi-user.target + + |