add stunneld.service for systemd
This commit is contained in:
AJ ONeal
parent
061999cc34
commit
ae91fd5049
|
|
@ -30,6 +30,11 @@ Installs as `stunnel.js` with the alias `jstunnel`
|
||||||
npm install -g stunneld
|
npm install -g stunneld
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Then `dist/etc/systemd/system/stunneld.service` should be copied to `/etc/systemd/system/stunneld.service` and
|
||||||
|
the ARGUMENTS, such as SECRET, MUST BE CHANGED.
|
||||||
|
|
||||||
|
*TODO*: make `--config /path/to/config` the only argument (and have the secret auto-generated on first run?)
|
||||||
|
|
||||||
### Advanced Usage
|
### Advanced Usage
|
||||||
|
|
||||||
How to use `stunnel.js` with your own instance of `stunneld.js`:
|
How to use `stunnel.js` with your own instance of `stunneld.js`:
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,23 @@
|
||||||
|
[Unit]
|
||||||
|
Description=Daplie Tunnel Server
|
||||||
|
After=network-online.target
|
||||||
|
Wants=network-online.target systemd-networkd-wait-online.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
# Always restart, unless it's restarting fast enough for us to believe it's completely broken
|
||||||
|
Restart=always
|
||||||
|
StartLimitInterval=10
|
||||||
|
StartLimitBurst=3
|
||||||
|
|
||||||
|
User=www-data
|
||||||
|
Group=www-data
|
||||||
|
WorkingDirectory=/srv/stunneld
|
||||||
|
# TODO needs --config option and these options should go in a config file
|
||||||
|
ExecStart=/srv/stunneld/bin/stunneld.js --servernames tunnel.example.com --secret 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' --email tunnel@example.com --agree-tos
|
||||||
|
|
||||||
|
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
||||||
|
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||||
|
NoNewPrivileges=true
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
Loading…
Reference in New Issue