mirror of
https://gitea.blesmrt.net/mikaela/shell-things.git
synced 2024-11-29 06:29:36 +01:00
aminda-nocron: ensure firewall allows ssh etc.
This commit is contained in:
parent
3b4effc404
commit
13829a101c
@ -15,12 +15,21 @@ ExecStartPre=-/usr/bin/systemctl start firewalld.service
|
|||||||
# https://github.com/systemd/zram-generator
|
# https://github.com/systemd/zram-generator
|
||||||
#ExecStart=-/usr/bin/systemctl start /dev/zram0
|
#ExecStart=-/usr/bin/systemctl start /dev/zram0
|
||||||
ExecStart=-/usr/bin/systemctl enable --now systemd-zram-setup@zram0.service
|
ExecStart=-/usr/bin/systemctl enable --now systemd-zram-setup@zram0.service
|
||||||
# Ensure we really allow ICMPv6 on FEDORA (or firewalld)
|
# Ensure we really allow ICMPv6 on FEDORA (or firewalld). Also other essential services.
|
||||||
ExecStart=-/usr/bin/firewall-cmd --add-protocol=ipv6-icmp
|
ExecStart=-/usr/bin/firewall-cmd --add-protocol=ipv6-icmp
|
||||||
|
ExecStart=-/usr/bin/firewall-cmd --add-service=ssh --permanent
|
||||||
|
ExecStart=-/usr/bin/firewall-cmd --add-service=mosh --permanent
|
||||||
|
ExecStart=-/usr/bin/firewall-cmd --add-service=ntp --permanent
|
||||||
|
ExecStart=-/usr/bin/firewall-cmd --add-service=syncthing --permanent
|
||||||
|
ExecStart=-/usr/bin/firewall-cmd --add-service=mdns --permanent
|
||||||
|
ExecStart=-/usr/bin/firewall-cmd --add-service=kdeconnect --permanent
|
||||||
|
ExecStart=-/usr/bin/firewall-cmd --permanent --add-port=9001/udp
|
||||||
|
ExecStart=-/usr/bin/firewall-cmd --permanent --add-port=6771/udp
|
||||||
# 3rd party Xbox controller initialization. See Mikaela/gist/gayming/
|
# 3rd party Xbox controller initialization. See Mikaela/gist/gayming/
|
||||||
#ExecStart=-/root/fixcontroller.py
|
#ExecStart=-/root/fixcontroller.py
|
||||||
# This is actually in the delayed variant of this service, but anyway
|
# This is actually in the delayed variant of this service, but anyway
|
||||||
ExecStart=-/usr/bin/systemctl start yggdrasil.service
|
ExecStart=-/usr/bin/systemctl enable --now yggdrasil.service
|
||||||
|
ExecStart=-/usr/bin/systemctl enable --now sshguard.service
|
||||||
User=root
|
User=root
|
||||||
StandardOutput=journal
|
StandardOutput=journal
|
||||||
StandardError=journal
|
StandardError=journal
|
||||||
|
@ -8,6 +8,7 @@ TimeoutStartSec=infinity
|
|||||||
# Another attempt at ensuring Yggdrasil works with nordvpnd
|
# Another attempt at ensuring Yggdrasil works with nordvpnd
|
||||||
ExecStartPre=-/usr/sbin/sysctl net.ipv6.conf.all.disable_ipv6=0
|
ExecStartPre=-/usr/sbin/sysctl net.ipv6.conf.all.disable_ipv6=0
|
||||||
ExecStart=-/usr/bin/systemctl restart yggdrasil.service
|
ExecStart=-/usr/bin/systemctl restart yggdrasil.service
|
||||||
|
ExecStart=-/bin/firewall-cmd --reload
|
||||||
# If they somehow managed to not start already
|
# If they somehow managed to not start already
|
||||||
ExecStart=-/usr/bin/systemctl enable --now unbound.service
|
ExecStart=-/usr/bin/systemctl enable --now unbound.service
|
||||||
ExecStart=-/usr/bin/systemctl enable --now systemd-resolved.service
|
ExecStart=-/usr/bin/systemctl enable --now systemd-resolved.service
|
||||||
|
Loading…
Reference in New Issue
Block a user