marcorealacci/docker-magic-firewall
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
docker-magic-firewall/systemd/magicfw.service

31 lines
No EOL
669 B
Desktop File
Raw Permalink Blame History

[Unit]
Description=Docker Magic Firewall
After=docker.service network-online.target firewalld.service
Requires=docker.service
Wants=network-online.target
StartLimitIntervalSec=60
StartLimitBurst=10
[Service]
Type=exec
Restart=on-failure
RestartSec=5s
ExecStart=/usr/bin/python3 /opt/docker_magicfw.py
# Environment variables (customize as needed)
Environment=LOG_LEVEL=INFO
Environment=ENABLE_IPV4=true
Environment=ENABLE_IPV6=true
Environment=DISABLE_NAT=true
# Security hardening
User=root
Group=root
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW
PrivateTmp=yes
ProtectSystem=strict
ProtectHome=read-only
NoNewPrivileges=yes
[Install]
WantedBy=multi-user.target
Reference in a new issue View git blame Copy permalink