mirrors/redoctober
1
0
Fork 0
mirror of https://github.com/cloudflare/redoctober.git synced 2026-01-03 11:45:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
638a25bbbc56d07e0bae7209bd571a00dc134e46
redoctober/redoctober.service
Joshua Kroll 638a25bbbc Add the ability to listen to systemd-provided sockets. 
Add a new flag, -systemdfds, which causes Red October to expect to be
provisioned on launch with file descriptors for sockets opened by
systemd. This is useful for socket activation, but also allows systemd
to bind privileged ports for us. I've included example systemd
configuration files that successfully start Red October as a service
user without admin rights but bound to 443 in a Jessie VM for me. They
need to be installed where systemd expects them, which on Jessie is
/etc/systemd/system/redoctober.service and
/etc/systemd/system/sockets.target.wants/redoctober.socket.
2015-10-09 11:24:08 -07:00

27 lines
670 B
Desktop File
Raw Blame History

# An example service file for systemd-managed Red October, for use
# with the accompanying socket file. Useful for running as an
# unprivileged user while binding to a privileged port, for example.
[Unit]
Description='Red October'
Requires=network.target
After=multi-user.target
[Exec]
User=redoctober
Group=redoctober
[Service]
Type=simple
ExecStart=/usr/local/sbin/redoctober -vaultpath=/etc/redoctober/diskrecord.json -cert=/etc/redoctober/cert/server.crt -key=/etc/redoctober/cert/server.pem -systemdfds
User=redoctober
Group=redoctober
SyslogIdentifier=redoctober
StandardOutput=syslog
StandardError=inherit
Restart=always
[Install]
WantedBy=multi-user.target
Reference in New Issue View Git Blame Copy Permalink