24 lines
728 B
SYSTEMD
24 lines
728 B
SYSTEMD
|
[Unit]
|
||
|
Description=Daplie Tunnel Server
|
||
|
After=network-online.target
|
||
|
Wants=network-online.target systemd-networkd-wait-online.service
|
||
|
|
||
|
[Service]
|
||
|
# Always restart, unless it's restarting fast enough for us to believe it's completely broken
|
||
|
Restart=always
|
||
|
StartLimitInterval=10
|
||
|
StartLimitBurst=3
|
||
|
|
||
|
User=www-data
|
||
|
Group=www-data
|
||
|
WorkingDirectory=/srv/stunneld
|
||
|
# TODO needs --config option and these options should go in a config file
|
||
|
ExecStart=/srv/stunneld/bin/stunneld.js --servernames tunnel.example.com --secret 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' --email tunnel@example.com --agree-tos
|
||
|
|
||
|
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
||
|
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||
|
NoNewPrivileges=true
|
||
|
|
||
|
[Install]
|
||
|
WantedBy=multi-user.target
|