Created
April 5, 2021 17:03
-
-
Save chengjianhua/8c440e4543a95402dd32c64021cc3f91 to your computer and use it in GitHub Desktop.
[Linux Systemd Unit File Example] #linux #shell #systemd # service
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 本文件复制自部署机器上 openvpn 生成的 systemd service 文件,目录为 | |
| # /lib/systemd/system/openvpn@.service | |
| # | |
| # 其源代码也可以在 https://packages.ubuntu.com/en/xenial-updates/openvpn 中下载 | |
| # 源包获得 | |
| [Unit] | |
| Description=OpenVPN connection to %i | |
| PartOf=openvpn.service | |
| ReloadPropagatedFrom=openvpn.service | |
| Before=systemd-user-sessions.service | |
| Documentation=man:openvpn(8) | |
| Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage | |
| Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO | |
| [Service] | |
| # 为了在失败后可以自动重启而不需要人为重启服务,这是复制本文件的主要目的 | |
| Restart=on-failure | |
| PrivateTmp=true | |
| KillMode=mixed | |
| Type=forking | |
| ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/%i.conf --writepid /run/openvpn/%i.pid | |
| PIDFile=/run/openvpn/%i.pid | |
| ExecReload=/bin/kill -HUP $MAINPID | |
| WorkingDirectory=/etc/openvpn | |
| ProtectSystem=yes | |
| CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_AUDIT_WRITE | |
| LimitNPROC=10 | |
| DeviceAllow=/dev/null rw | |
| DeviceAllow=/dev/net/tun rw | |
| [Install] | |
| WantedBy=multi-user.target |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment