탐색 도움말
로그인
mark22k
/
dn42-router
의 미러 https://codeberg.org/mark22k/dn42-router.git
Watch 1
Star 0
포크 0
파일 이슈 0
트리: 50758431c1
브랜치 태그
dn42-router
/
roles
/
config-ripe-atlas
/
templates
/
ripe-atlas.service.j2

ripe-atlas.service.j2 1.0 KB
히스토리 Raw

123456789101112131415161718192021222324252627282930313233343536373839 
  1. [Unit]
    2. 

  2. Description=Atlas Probe
    3. 

  3. After=network-online.target syslog.target
    4. 

  4. 

  5. [Service]
    6. 

  6. RemoveIPC=yes
    7. 

  7. CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_NET_RAW
    8. 

  8. 

  9. {% if ripe_atlas.allow is defined %}
    10. 

  10. IPAddressAllow={% set comma = joiner(" ") %}{% for host in ripe_atlas.allow %}{{ comma() }}{{ host }}{% endfor %}
    11. 

  11. {% endif %}
    12. 

  12. 

  13. IPAddressDeny=172.20.0.0/14 172.31.0.0/16 10.0.0.0/8 fd00::/8 172.24.0.0/16 2001:db8:dead:beef::/64 100.64.0.0/10 fd7a:115c:a1e0::/96 {% if ripe_atlas.deny is defined %}{% for host in ripe_atlas.deny %} {{ host }}{% endfor %}{% endif %}
    14. 

  14. 

  15. PrivateTmp=yes
    16. 

  16. DeviceAllow=
    17. 

  17. PrivateMounts=true
    18. 

  18. ProtectControlGroups=true
    19. 

  19. ProtectProc=noaccess
    20. 

  20. ProtectSystem=true
    21. 

  21. ProtectHome=read-only
    22. 

  22. PermissionsStartOnly=true
    23. 

  23. LimitNOFILE=1048576
    24. 

  24. LimitNPROC=512
    25. 

  25. UMask=600
    26. 

  26. 

  27. User=ripe-atlas
    28. 

  28. Group=ripe-atlas
    29. 

  29. Environment=HOME=/var/spool/ripe-atlas
    30. 

  30. WorkingDirectory=/var/spool/ripe-atlas
    31. 

  31. ExecStart=/usr/sbin/ripe-atlas
    32. 

  32. ExecStop=/usr/bin/killall -n 0 telnetd perd eperd eooqd
    33. 

  33. Restart=always
    34. 

  34. TimeoutStopSec=60
    35. 

  35. 

  36. [Install]
    37. 

  37. WantedBy=multi-user.target
    38. 

  38. 

  39.