bughz/glider
1
0
Fork 0
mirror of https://github.com/nadoo/glider.git synced 2025-02-23 09:25:41 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
d68f361c35
glider/systemd/glider@.service
nadoo 826695df9a chore(systemd): use DynamicUser
2021-12-20 22:41:44 +08:00

25 lines
718 B
Desktop File
Raw Blame History

[Unit]
Description=Glider Service (%i)
After=network.target iptables.service ip6tables.service
[Service]
Type=simple
DynamicUser=yes
Restart=always
LimitNOFILE=102400
# NOTE: CHANGE to your glider path
ExecStart=/usr/bin/glider -config /etc/glider/%i.conf
# NOTE:
# work with systemd v229 or later, so glider can listen on port below 1024 with none-root user
# CAP_NET_ADMIN: ipset, setsockopt: IP_TRANSPARENT
# CAP_NET_BIND_SERVICE: bind ports under 1024
# CAP_NET_RAW: bind raw socket and broadcasting (used by dhcpd)
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW
NoNewPrivileges=true
[Install]
WantedBy=multi-user.target
Reference in New Issue View Git Blame Copy Permalink