forked from netprickle/ipipou
-
Notifications
You must be signed in to change notification settings - Fork 0
37 lines (35 loc) · 1.18 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
[Unit]
Description=IPIP-over-UDP tunnel via ipipou for %I
After=network-online.target nss-lookup.target
Wants=network-online.target nss-lookup.target
#PartOf=ipipou.target
#Documentation=man:ipipou(8)
Documentation=https://github.com/netprickle/ipipou
[Service]
Type=simple
AmbientCapabilities=CAP_NET_ADMIN
# CAP_NET_RAW required to send auth packets or reply to them. Not required if auth not in use.
AmbientCapabilities=CAP_NET_RAW
#AmbientCapabilities=CAP_SYS_MODULE
# To skip CAP_SYS_MODULE in AmbientCapabilities load modules here
ExecStartPre=+/sbin/modprobe fou
ExecStartPre=+/sbin/modprobe ipip
ExecStart=/usr/local/bin/ipipou --config %i --no-log-time --no-log-pid
# Send auth packet on reload (client mode only)
ExecReload=/bin/kill -SIGUSR1 $MAINPID
#ExecReload=/usr/local/bin/ipipou --config %i --no-log-time --no-log-pid --reauth-only
# To avoid ocasional cleanup failures
KillMode=process
TimeoutStopSec=3s
# Consider cleanup errors as successful exit
SuccessExitStatus=200
# Python3 virtual environment if used
Environment=PYTHONPATH=/usr/local/lib/ipipou
StandardInput=null
#ProtectHome=yes
ProtectSystem=strict
#User=ipipou
#Group=ipipou
DynamicUser=yes
[Install]
WantedBy=multi-user.target