From e136d3edbdb6749d4559939dc9fcbc11d166e34c Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Wed, 31 May 2017 17:39:57 +0200 Subject: =?UTF-8?q?/lib/systemd/system=20=E2=86=92=20/etc/systemd/system?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../files/etc/systemd/system/stunnel4@.service | 23 ++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 roles/common/files/etc/systemd/system/stunnel4@.service (limited to 'roles/common/files/etc/systemd/system/stunnel4@.service') diff --git a/roles/common/files/etc/systemd/system/stunnel4@.service b/roles/common/files/etc/systemd/system/stunnel4@.service new file mode 100644 index 0000000..e53d29e --- /dev/null +++ b/roles/common/files/etc/systemd/system/stunnel4@.service @@ -0,0 +1,23 @@ +[Unit] +Description=SSL tunnel for network daemons (instance %i) +After=network.target nss-lookup.target +PartOf=stunnel4.service +ReloadPropagatedFrom=stunnel4.service + +[Service] +ExecStart=/usr/bin/stunnel4 /etc/stunnel/%i.conf +ExecReload=/bin/kill -HUP ${MAINPID} +KillSignal=SIGINT +TimeoutStartSec=120 +TimeoutStopSec=60 +Restart=on-failure + +# Hardening +NoNewPrivileges=yes +PrivateDevices=yes +ProtectHome=yes +ProtectSystem=full +ReadOnlyDirectories=/ + +[Install] +WantedBy=multi-user.target -- cgit v1.2.3