add stunneld.service for systemd

This commit is contained in:
AJ ONeal 2017-10-04 17:37:07 -06:00
parent 061999cc34
commit ae91fd5049
2 changed files with 28 additions and 0 deletions

View File

@ -30,6 +30,11 @@ Installs as `stunnel.js` with the alias `jstunnel`
npm install -g stunneld
```
Then `dist/etc/systemd/system/stunneld.service` should be copied to `/etc/systemd/system/stunneld.service` and
the ARGUMENTS, such as SECRET, MUST BE CHANGED.
*TODO*: make `--config /path/to/config` the only argument (and have the secret auto-generated on first run?)
### Advanced Usage
How to use `stunnel.js` with your own instance of `stunneld.js`:

View File

@ -0,0 +1,23 @@
[Unit]
Description=Daplie Tunnel Server
After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service
[Service]
# Always restart, unless it's restarting fast enough for us to believe it's completely broken
Restart=always
StartLimitInterval=10
StartLimitBurst=3
User=www-data
Group=www-data
WorkingDirectory=/srv/stunneld
# TODO needs --config option and these options should go in a config file
ExecStart=/srv/stunneld/bin/stunneld.js --servernames tunnel.example.com --secret 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' --email tunnel@example.com --agree-tos
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
NoNewPrivileges=true
[Install]
WantedBy=multi-user.target