marcorealacci/docker-magic-firewall
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions
docker-magic-firewall/systemd/magicfw.service
Marco Realacci 0a7a3f70eb
All checks were successful
Build and Publish Debian Package / build (push) Successful in 39s
Details
rename package
2025-03-15 02:54:49 +01:00

31 lines
No EOL
652 B
Desktop File
Raw Blame History

[Unit]
Description=Docker Magic Firewall
After=docker.service network-online.target firewalld.service
Requires=docker.service
Wants=network-online.target
StartLimitIntervalSec=60
StartLimitBurst=10
[Service]
Type=exec
Restart=on-failure
RestartSec=5s
ExecStart=/usr/local/bin/magicfw
# Environment variables (customize as needed)
Environment=LOG_LEVEL=INFO
Environment=ENABLE_IPV4=true
Environment=ENABLE_IPV6=true
Environment=DISABLE_NAT=true
# Security hardening
User=root
Group=root
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW
PrivateTmp=yes
ProtectSystem=strict
ProtectHome=read-only
NoNewPrivileges=yes
[Install]
WantedBy=multi-user.target
Reference in a new issue View git blame Copy permalink