commit
4faa39f3a9
@ -0,0 +1,12 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=DoH DNS server inside %I netns
|
||||||
|
BindsTo=systemd-netns@%i.service propnetnsup@%i.service
|
||||||
|
After=systemd-netns@%i.service propnetnsup@%i.service
|
||||||
|
JoinsNamespaceOf=systemd-netns@%i.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=exec
|
||||||
|
ExecStart=/usr/bin/ip netns exec %I doh-client -conf /etc/dns-over-https/doh-client.conf -verbose
|
||||||
|
|
||||||
|
PrivateNetwork=true
|
||||||
|
PrivateTmp=true
|
||||||
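Review bot: The `ExecStart=` line wraps doh-client in `ip netns exec %I`, which forces the resolver to run as root even though `PrivateNetwork=true` with `JoinsNamespaceOf=systemd-netns@%i.service` should already place the process in that unit's network namespace. If nothing relies on the `/etc/netns/%I` overrides that `ip netns exec` applies, `ExecStart=/usr/bin/doh-client -conf /etc/dns-over-https/doh-client.conf` plus `DynamicUser=true` and `NoNewPrivileges=true` would take a network-facing daemon out of root. Add `AmbientCapabilities=CAP_NET_BIND_SERVICE` if it listens on port 53. Separately, `-verbose` presumably writes query details to the journal, which deserves a deliberate decision in a namespace meant for proxied traffic.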
@ -0,0 +1,18 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Prop %I netns up with addresses and such
|
||||||
|
BindsTo=systemd-netns@%i.service
|
||||||
|
Requires=systemd-netns@%i.service sys-subsystem-net-devices-ens0.device
|
||||||
|
After=systemd-netns@%i.service sys-subsystem-net-devices-ens0.device
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
RemainAfterExit=true
|
||||||
|
ExecStart=/usr/bin/ip link set dev ens0 netns %I
|
||||||
|
ExecStart=/usr/bin/ip netns exec %I ip address add 10.0.0.11 dev ens0
|
||||||
|
ExecStart=/usr/bin/ip netns exec %I ip link set dev ens0 up
|
||||||
|
ExecStart=/usr/bin/ip netns exec %I ip -6 route add default dev ens0
|
||||||
|
ExecStart=/usr/bin/ip netns exec %I ip route add default dev ens0
|
||||||
|
|
||||||
|
PrivateTmp = true
|
||||||
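Review bot: The device name `ens0` and the address `10.0.0.11` are fixed in every `ExecStart=` line of this template, while both proxy units in this commit (ssservice and tun2socks) create a tun device with that same name in the host namespace. If the `tored` and `shadowed` instances start close together, whichever instance of this unit runs first may move the other proxy's device into its own namespace, so traffic intended for one tunnel would leave through the other. An instance-specific name avoids that, for example `ExecStart=/usr/bin/ip link set dev tun-%i netns %I`, with the device unit in `Requires=`/`After=` and the proxies' device options renamed to match. A short comment noting that the address has no prefix length and is therefore a /32 would also help.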
@ -0,0 +1,14 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Turn shadowsocks proxy into network namespace
|
||||||
|
BindsTo=systemd-netns@shadowed.service
|
||||||
|
After=systemd-netns@shadowed.service
|
||||||
|
Wants=dns4netns@shadowed.service propnetnsup@shadowed.service
|
||||||
|
Before=dns4netns@shadowed.service propnetnsup@shadowed.service
|
||||||
|
PropagatesStopTo=systemd-netns@shadowed.service dns4netns@shadowed.service propnetnsup@shadowed.service
|
||||||
|
PropagatesReloadTo=dns4netns@shadowed.service propnetnsup@shadowed.service
|
||||||
|
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=exec
|
||||||
|
ExecStart=/usr/bin/ssservice local --log-without-time --protocol tun --tun-interface-name ens0 --config /etc/shadowsocks/config.json
|
||||||
|
PrivateTmp = true
|
||||||
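Review bot: The `[Service]` section sets only `PrivateTmp`, so ssservice runs as unrestricted root while it handles proxy traffic and reads `/etc/shadowsocks/config.json`. Creating the tun device should need no more than CAP_NET_ADMIN. Consider adding `CapabilityBoundingSet=CAP_NET_ADMIN`, `NoNewPrivileges=true` and `ProtectSystem=strict`, after confirming the config file is still readable under the reduced capability set. The tun2socks unit later in this commit has the same shape and would benefit from the same lines.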
@ -0,0 +1,19 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Named network namespace %i
|
||||||
|
JoinsNamespaceOf=systemd-netns@%i.service
|
||||||
|
After=syslog.target network.target tor.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
RemainAfterExit=true
|
||||||
|
PrivateNetwork=true
|
||||||
|
|
||||||
|
# Start process
|
||||||
|
ExecStartPre=-/usr/bin/ip netns delete %I
|
||||||
|
ExecStart=/usr/bin/ip netns add %I
|
||||||
|
ExecStart=/usr/bin/ip netns exec %I ip link set lo up
|
||||||
|
ExecStart=/usr/bin/umount /run/netns/%I
|
||||||
|
ExecStart=/usr/bin/mount --bind /proc/self/ns/net /run/netns/%I
|
||||||
|
|
||||||
|
# Stop process
|
||||||
|
ExecStop=/usr/bin/ip netns delete %I
|
||||||
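Review bot: The `umount` / `mount --bind /proc/self/ns/net /run/netns/%I` pair under `# Start process` is the step that makes the whole design work, and it has no explanation. As far as the visible lines show, `ip netns add` creates a separate namespace that is then discarded, and the name is rebound to this unit's own `PrivateNetwork=true` namespace so that `JoinsNamespaceOf=` peers and `ip netns exec %I` reach the same place. A comment such as `# Rebind the name to this unit's own PrivateNetwork namespace so JoinsNamespaceOf= peers and "ip netns exec" share it` would record that. It should also warn against adding mount-namespace sandboxing here, since the bind mount has to be visible on the host. The `ip link set lo up` line appears to act on the discarded namespace, `JoinsNamespaceOf=` names this unit itself, and `After=` hard-codes `tor.service` in a generic template; each of those is worth a note or a cleanup.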
@ -0,0 +1,16 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Turn tor socks proxy into network namespace
|
||||||
|
#Description=SOCKSPort unix:/run/tor/socks WorldWritable is requred
|
||||||
|
AssertPathExists=/run/tor/socks
|
||||||
|
BindsTo=tor.service systemd-netns@tored.service
|
||||||
|
After=tor.service systemd-netns@tored.service
|
||||||
|
Wants=dns4netns@tored.service propnetnsup@tored.service
|
||||||
|
Before=dns4netns@tored.service propnetnsup@tored.service
|
||||||
|
PropagatesStopTo=systemd-netns@tored.service
|
||||||
|
PropagatesReloadTo=dns4netns@tored.service
|
||||||
|
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=exec
|
||||||
|
ExecStart=/usr/bin/tun2socks --device ens0 --proxy /run/tor/socks
|
||||||
|
PrivateTmp = true
|
||||||
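Review bot: The commented-out `#Description=` line says Tor's unix `SOCKSPort` must be `WorldWritable`, which would let every local account use the Tor SOCKS socket, not just this unit. Since the unit has no `User=` it presumably runs as root and may not need that permission at all. A narrower arrangement is `GroupWritable` on the Tor side with a dedicated group granted here, e.g. `SupplementaryGroups=<tor-socket-group>` (placeholder). The requirement is also better stated as a plain comment than as a disabled directive, for instance `# Requires tor's SOCKSPort unix:/run/tor/socks to be connectable by this unit's user/group`.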