yggdrasil-network/yggdrasil-go
1
0
Fork 0
mirror of https://github.com/yggdrasil-network/yggdrasil-go.git synced 2025-04-29 22:55:06 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
2151 commits 8 branches 48 tags 25 MiB
Commit graph

14 commits

Author SHA1 Message Date
TomZ
aa46ee57bb [Security] do not run as root. 
An Internet accessible service should aim to have as little as
possible attack surface, which is much easier to do when running
with the absolute minimum number of priviledges.

This makes the systemd setup run the service as a user 'yggdrasil'
and uses the systemd feature `RuntimeDirectory` to auto-create
the /var/run/yggdrasil dir so our non-elevated client can still
create the socket.

The sysusers file will cause the user be created on first install
using the sysusers subsystem.
 2022-01-09 14:50:19 +01:00
Neil Alexander
4f3117d81d Use network-online.target instead of network.target for systemd service unit 2021-11-03 17:40:06 +00:00
cofob
6a0ddc20ef
Allow yggdrasil bind to ports <1024 2021-07-21 17:57:59 +07:00
Neil Alexander
4b16c325a3
Merge pull request #607 from Arano-kai/feature/systemd_modular_unit 
Systemd: move config generation to a separate unit
 2019-12-10 12:02:46 +00:00
Arceliar
38c54efd73
Update yggdrasil.service 2019-11-24 22:54:30 -06:00
Arano-kai
7068160b20 Systemd: move config generation to a separate unit 
- Modular unit composition: different tasks in separate units
- Use systemd tool set to run checks
- Avoid using inline shell in unit
 2019-11-14 16:52:04 +02:00
Arano-kai
74d824302b FIX: Systemd: typo in directive 2019-10-29 16:36:03 +02:00
Neil Alexander
b0bcf29d27
Allow ExecStartPre to fail for containers (#573) 2019-10-23 11:15:57 +01:00
Arano-kai
045a24d74e Systemd: tun module and capabilities 
- Enable (and limit to) capabilities that require to setup tun/tap interface.
- Ensure that tun module is active.
 2019-10-02 00:36:33 +03:00
Neil Alexander
d6ee20580d
Set TimeoutStopSec for systemd service 2019-09-27 09:37:34 +01:00
Neil Alexander
24cf4b9d2b
Add ExecReload for SIGHUP 2019-02-18 22:31:34 +00:00
Neil Alexander
9f7609817e
Remove yggdrasil-resume.service from systemd contrib and Debian package 2019-02-10 12:22:39 +00:00
Neil Alexander
e1c7983752
Update debian package to fix systemd disabling (not good for remote systems) and add group yggdrasil for admin socket/conf 2018-12-14 14:25:26 +00:00
Neil Alexander
cdf00ddceb Add systemd service files 2018-01-28 11:59:22 +00:00