softether-vpn/systemd/softether-vpnserver.service

26 lines
582 B
SYSTEMD
Raw Normal View History

[Unit]
Description=SoftEther VPN Server
After=network.target auditd.service
ConditionPathExists=!/opt/vpnserver/do_not_run
[Service]
Type=forking
EnvironmentFile=-/opt/vpnserver
ExecStart=/opt/vpnserver/vpnserver start
ExecStop=/opt/vpnserver/vpnserver stop
KillMode=process
Restart=on-failure
# Hardening
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=full
ReadOnlyDirectories=/
ReadWriteDirectories=-/opt/vpnserver
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID
[Install]
WantedBy=multi-user.target