pool/tailscale
SHA256
17
0
Fork 2
Code Issues Pull Requests Activity
Files
factory
tailscale/tailscaled.service

36 lines
1.0 KiB
SYSTEMD
Raw Permalink Normal View History

Accepting request 1105152 from home:rrahl0 fixed spec file OBS-URL: https://build.opensuse.org/request/show/1105152 OBS-URL: https://build.opensuse.org/package/show/network:vpn/tailscale?expand=0&rev=1
2023-08-22 11:57:59 +00:00
[Unit]
Description=Tailscale node agent
Documentation=https://tailscale.com/kb/
Wants=network-pre.target
After=network-pre.target NetworkManager.service systemd-resolved.service
[Service]
EnvironmentFile=/etc/default/tailscaled
ExecStartPre=/usr/sbin/tailscaled --cleanup
ExecStart=/usr/sbin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port=${PORT} $FLAGS
ExecStopPost=/usr/sbin/tailscaled --cleanup
Restart=on-failure
RuntimeDirectory=tailscale
RuntimeDirectoryMode=0755
StateDirectory=tailscale
StateDirectoryMode=0700
CacheDirectory=tailscale
CacheDirectoryMode=0750
Type=notify
Accepting request 1105279 from home:avicenzi:branches:network:vpn cleanup OBS-URL: https://build.opensuse.org/request/show/1105279 OBS-URL: https://build.opensuse.org/package/show/network:vpn/tailscale?expand=0&rev=2
2023-08-22 13:34:21 +00:00
# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
Accepting request 1147777 from home:avicenzi:branches:network:vpn Cleanup OBS-URL: https://build.opensuse.org/request/show/1147777 OBS-URL: https://build.opensuse.org/package/show/network:vpn/tailscale?expand=0&rev=16
2024-02-20 14:50:20 +00:00
PrivateDevices=true
ProtectClock=true
ProtectControlGroups=true
Accepting request 1105279 from home:avicenzi:branches:network:vpn cleanup OBS-URL: https://build.opensuse.org/request/show/1105279 OBS-URL: https://build.opensuse.org/package/show/network:vpn/tailscale?expand=0&rev=2
2023-08-22 13:34:21 +00:00
ProtectHome=true
ProtectHostname=true
ProtectKernelLogs=true
Accepting request 1147777 from home:avicenzi:branches:network:vpn Cleanup OBS-URL: https://build.opensuse.org/request/show/1147777 OBS-URL: https://build.opensuse.org/package/show/network:vpn/tailscale?expand=0&rev=16
2024-02-20 14:50:20 +00:00
ProtectKernelModules=true
ProtectKernelTunables=true
Accepting request 1105279 from home:avicenzi:branches:network:vpn cleanup OBS-URL: https://build.opensuse.org/request/show/1105279 OBS-URL: https://build.opensuse.org/package/show/network:vpn/tailscale?expand=0&rev=2
2023-08-22 13:34:21 +00:00
RestrictRealtime=true
Accepting request 1147777 from home:avicenzi:branches:network:vpn Cleanup OBS-URL: https://build.opensuse.org/request/show/1147777 OBS-URL: https://build.opensuse.org/package/show/network:vpn/tailscale?expand=0&rev=16
2024-02-20 14:50:20 +00:00
# give permission to TUN
BindPaths=/dev/net/tun
DeviceAllow=/dev/net/tun rw
Accepting request 1105152 from home:rrahl0 fixed spec file OBS-URL: https://build.opensuse.org/request/show/1105152 OBS-URL: https://build.opensuse.org/package/show/network:vpn/tailscale?expand=0&rev=1
2023-08-22 11:57:59 +00:00
[Install]
WantedBy=multi-user.target
Reference in New Issue Copy Permalink