26 lines
582 B
SYSTEMD
26 lines
582 B
SYSTEMD
|
[Unit]
|
||
|
Description=SoftEther VPN Server
|
||
|
After=network.target auditd.service
|
||
|
ConditionPathExists=!/opt/vpnserver/do_not_run
|
||
|
|
||
|
[Service]
|
||
|
Type=forking
|
||
|
EnvironmentFile=-/opt/vpnserver
|
||
|
ExecStart=/opt/vpnserver/vpnserver start
|
||
|
ExecStop=/opt/vpnserver/vpnserver stop
|
||
|
KillMode=process
|
||
|
Restart=on-failure
|
||
|
|
||
|
# Hardening
|
||
|
PrivateTmp=yes
|
||
|
ProtectHome=yes
|
||
|
ProtectSystem=full
|
||
|
ReadOnlyDirectories=/
|
||
|
ReadWriteDirectories=-/opt/vpnserver
|
||
|
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID
|
||
|
|
||
|
[Install]
|
||
|
WantedBy=multi-user.target
|
||
|
|
||
|
|