-
-
Save kevin01523/4870a519a38904351d1c7e86d59d0b5b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[Unit] | |
Description=SoftEther VPN Server | |
After=network.target auditd.service | |
ConditionPathExists=!/opt/vpnserver/do_not_run | |
[Service] | |
Type=forking | |
EnvironmentFile=-/opt/vpnserver | |
ExecStart=/opt/vpnserver/vpnserver start | |
ExecStartPost=/bin/sleep 3s | |
ExecStartPost=/sbin/ip address add 192.168.234.1/24 dev tap_vpn | |
ExecStop=/opt/vpnserver/vpnserver stop | |
KillMode=process | |
Restart=on-failure | |
# Hardening | |
PrivateTmp=yes | |
ProtectHome=yes | |
ProtectSystem=full | |
ReadOnlyDirectories=/ | |
ReadWriteDirectories=-/opt/vpnserver | |
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID | |
[Install] | |
WantedBy=multi-user.target |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment