В Tue, 2 Jun 2015 10:45:24 -0400 Matthew Karas <mkarasc...@gmail.com> пишет:
> Andrei - I'm making good progress on your suggestion but I've hit a > snag getting the socket for port 22. Since I'm not starting dropbear > through systemd but in the up script, how do I get the system to > define port 22? > > If I tell systemctl to start dropbear.socket - it starts up the > dropbear service without my special configs (as it starts > dropbear.service). If I don't start dropbear.socket - my script > errors out because port22 isn't a socket. > Sorry, I do not understand what "getting a socket" means. If you show actual script and unit definition, it may help to understand. > On Mon, Jun 1, 2015 at 11:37 PM, Andrei Borzenkov <arvidj...@gmail.com> wrote: > > В Mon, 1 Jun 2015 16:36:38 -0400 > > Matthew Karas <mkarasc...@gmail.com> пишет: > > > >> I am trying to start a dropbear service after my openvpn service starts up. > >> > >> ----------------------------------- > >> [Unit] > >> Description=SSH Per-Connection Server > >> Wants=dropbearkey.service > >> After=syslog.target dropbearkey.service > >> Wants=openvpn@equipment.service > >> After=openvpn@equipment.service > >> ----------------------------------- > >> > >> > >> But I would like to start up the service after "tun0" interface is > >> available (made by openvpn). > >> > >> How do I find out what to put in "Wants" and "After" for tun0? I > >> can't seem to find anything related > >> > >> Also if there is a better way to get dropbear to start after tun0 has > >> appeared I'm open to doing that as well. My goal is to have my ssh > >> server only look at my openvpn address and ignore ssh requests that > >> are not from the vpn iface. I'm thinking I can do this with a script > >> setting up drop bear with the -p option (and looking for my tun0 ip4 > >> address and using it). > >> > > > > What about using OpenVPN hooks to start service after connection is > > established? You can pass it (service) interface name and bind it to > > interface so it is automatically stopped when interface is teared down. > _______________________________________________ > systemd-devel mailing list > systemd-devel@lists.freedesktop.org > http://lists.freedesktop.org/mailman/listinfo/systemd-devel _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel