blob: 16a1ba6914af76eec9293845fe701fcb211c8423 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
# wireguard tunnels inside the namespace
[Unit]
Description=WireGuard via wg-quick(8) for %I
PartOf=wg-quick.target
Documentation=man:wg-quick(8)
Documentation=man:wg(8)
Documentation=https://www.wireguard.com/
Documentation=https://www.wireguard.com/quickstart/
Documentation=https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
Documentation=https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
After=dn42_namespace.service network-online.target nss-lookup.target
Requires=dn42_namespace.service network-online.target nss-lookup.target
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/bin/wg-quick up /etc/wireguard/dn42/%i.conf
ExecStop=/usr/bin/wg-quick down /etc/wireguard/dn42/%i.conf
#ExecReload=/bin/bash -c 'exec /usr/bin/wg syncconf %i <(exec /usr/bin/wg-quick strip %i)'
Environment=WG_ENDPOINT_RESOLUTION_RETRIES=infinity
NetworkNamespacePath=/run/netns/dn42
BindReadOnlyPaths=/etc/netns/dn42/resolv.conf:/etc/resolv.conf
ProtectSystem=strict
[Install]
WantedBy=multi-user.target
|
