sendnrw/netbird
2
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2026-04-17 15:56:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
782a8cb13036db0a5eecf8296d8cb5ef51a8760f
netbird/release_files/systemd/netbird@.service
Krzysztof Nazarewski 782a8cb130 fix: keep the daemon socket address constant
2025-07-10 19:01:11 +02:00

51 lines
1.2 KiB
Desktop File
Raw Blame History

[Unit]
Description=Netbird Client (%i)
Documentation=https://netbird.io/docs
After=network-online.target syslog.target
Wants=network-online.target
[Service]
Type=simple
Environment=NB_CONFIG=/etc/netbird/%i.json
Environment=NB_STATE_DIR=/var/lib/netbird/%i
Environment=NB_LOG_FILE=/var/log/netbird/%i/client.log
Environment=NB_DAEMON_ADDR=unix://var/run/netbird.sock
Environment=NB_SERVICE=%N
# for compatibility with older versions
Environment=SYSTEMD_UNIT=%N
EnvironmentFile=-/etc/default/netbird
EnvironmentFile=-/etc/default/netbird-%i
ExecStart=/usr/bin/netbird service run $FLAGS
Restart=on-failure
RestartSec=5
TimeoutStopSec=10
CacheDirectory=netbird/%i
ConfigurationDirectory=netbird
LogsDirectory=netbird/%i
RuntimeDirectory=netbird
StateDirectory=netbird/%i
# sandboxing
LockPersonality=yes
MemoryDenyWriteExecute=yes
NoNewPrivileges=yes
PrivateMounts=yes
PrivateTmp=yes
ProtectClock=yes
ProtectControlGroups=yes
ProtectHome=yes
ProtectHostname=yes
ProtectKernelLogs=yes
# needed to load wg module for kernel-mode WireGuard
ProtectKernelModules=no
ProtectKernelTunables=no
ProtectSystem=yes
RemoveIPC=yes
RestrictNamespaces=yes
RestrictRealtime=yes
RestrictSUIDSGID=yes
[Install]
WantedBy=multi-user.target
Reference in New Issue View Git Blame Copy Permalink