balki/nnss
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make unique dynamic user for each ssh connection and improve doc

Browse Source
This commit is contained in:
Balakrishnan Balasubramanian
2025-07-27 22:00:03 -04:00
parent 90cab573eb
commit 739cca01c4
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
nnss-ssh@.service
View File

@@ -8,9 +8,13 @@ StopWhenUnneeded=yes
Type=notify Type=notify
NotifyAccess=all NotifyAccess=all
DynamicUser=yes DynamicUser=yes
User=nnss-ssh-%i
LoadCredential=ssh:/etc/nnss/%i LoadCredential=ssh:/etc/nnss/%i
# Note: App service running in the namespace should have Restart=always,
# otherwise, both the ssh connection and the app will be stopped as this unit
# has StopWhenUnneeded set
# https://enotty.pipebreaker.pl/posts/2024/01/how-systemd-exponential-restart-delay-works/ # https://enotty.pipebreaker.pl/posts/2024/01/how-systemd-exponential-restart-delay-works/
Restart=on-failure Restart=on-failure
RestartSec=5min RestartSec=5min

2
nnssB@.service
View File

@@ -10,7 +10,7 @@ NotifyAccess=all
RuntimeDirectory=nnssB%i RuntimeDirectory=nnssB%i
# Add SOCKS_PROXY environment variable to below file. E.g. # Add SOCKS_PROXY environment variable to below file. E.g.
# SOCKS_PROXY=socks5://127.0.0.1:9050 # echo SOCKS_PROXY=socks5://127.0.0.1:9050 > /etc/nnss/env_tor
EnvironmentFile=/etc/nnss/env_%i EnvironmentFile=/etc/nnss/env_%i
ExecStart=/usr/lib/nnss/tunsocks.sh "%i" use_env setup ExecStart=/usr/lib/nnss/tunsocks.sh "%i" use_env setup