Mirrors
/
rathole
mirror of https://github.com/rapiz1/rathole.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
rathole/examples/systemd
History
boenshao 7923dec9f5
docs: non root user with systemd (#269) 
* doc: remove 'DynamicUser=yes', so the service can read config file with permission 600

* doc: add example for non-root systemd service

* fix(doc): should be 'app2.toml'
 		2023-07-07 18:57:26 +08:00
..
README.md docs: non root user with systemd (#269) 2023-07-07 18:57:26 +08:00
rathole@.service docs: non root user with systemd (#269) 2023-07-07 18:57:26 +08:00
ratholec.service docs: non root user with systemd (#269) 2023-07-07 18:57:26 +08:00
ratholec@.service docs: non root user with systemd (#269) 2023-07-07 18:57:26 +08:00
ratholes.service docs: non root user with systemd (#269) 2023-07-07 18:57:26 +08:00
ratholes@.service docs: non root user with systemd (#269) 2023-07-07 18:57:26 +08:00

README.md

Systemd Unit Examples

The directory lists some systemd unit files for example, which can be used to run rathole as a service on Linux.

The @ symbol in the name of unit files such as rathole@.service facilitates the management of multiple instances of rathole.

For the naming of the example, ratholes stands for rathole --server, and ratholec stands for rathole --client, rathole is just rathole.

For security, it is suggested to store configuration files with permission 600, that is, only the owner can read the file, preventing arbitrary users on the system from accessing the secret tokens.

With root privilege

Assuming that rathole is installed in /usr/bin/rathole, and the configuration file is in /etc/rathole/app1.toml, the following steps show how to run an instance of rathole --server with root.

  1. Create a service file.
sudo cp ratholes@.service /etc/systemd/system/
  1. Create the configuration file app1.toml.
sudo mkdir -p /etc/rathole
# And create the configuration file named `app1.toml` inside /etc/rathole
  1. Enable and start the service.
sudo systemctl daemon-reload # Make sure systemd find the new unit
sudo systemctl enable ratholes@app1 --now

Without root privilege

Assuming that rathole is installed in ~/.local/bin/rathole, and the configuration file is in ~/.local/etc/rathole/app1.toml, the following steps show how to run an instance of rathole --server without root.

  1. Edit the example service file as...
# with root
# ExecStart=/usr/bin/rathole -s /etc/rathole/%i.toml
# without root
ExecStart=%h/.local/bin/rathole -s %h/.local/etc/rathole/%i.toml
  1. Create a service file.
mkdir -p ~/.config/systemd/user
cp ratholes@.service ~/.config/systemd/user/
  1. Create the configuration file app1.toml.
mkdir -p ~/.local/etc/rathole
# And create the configuration file named `app1.toml` inside ~/.local/etc/rathole
  1. Enable and start the service.
systemctl --user daemon-reload # Make sure systemd find the new unit
systemctl --user enable ratholes@app1 --now

Run multiple services

To run multiple services at once, simply add another configuration, say app2.toml under /etc/rathole (~/.local/etc/rathole for non-root), then run sudo systemctl enable ratholes@app2 --now (systemctl --user enable ratholes@app2 --now for non-root) to start an instance for that configuration.

The same applies to ratholec@.service for rathole --client and rathole@.service for rathole.