fastd: run as user fastd
This commit is contained in:
parent
1425383a90
commit
05a9eccc14
@ -3,7 +3,7 @@ Description=fastd Exporter
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=fastd-exporter
|
||||
User=fastd
|
||||
Environment=PATH=/usr/bin:/usr/local/bin
|
||||
EnvironmentFile=/etc/default/fastd-exporter
|
||||
ExecStart=/opt/go/bin/fastd-exporter $OPTIONS
|
||||
|
@ -1,8 +1,5 @@
|
||||
---
|
||||
|
||||
- name: Create user
|
||||
user: name=fastd-exporter
|
||||
|
||||
- name: Install fastd-exporter
|
||||
shell: /usr/local/go/bin/go get -v -u {{ fastd_exporter_source }}
|
||||
args:
|
||||
|
@ -1 +1 @@
|
||||
OPTIONS="-metrics.perpeer -instances {{ site_code }}{{ range(fastd_instances)|join(',' + site_code) }}"
|
||||
OPTIONS="-instances {{ site_code }}{{ range(fastd_instances)|join(',' + site_code) }}"
|
||||
|
@ -1,5 +1,11 @@
|
||||
---
|
||||
|
||||
- name: Create group
|
||||
group: name=fastd
|
||||
|
||||
- name: Create user
|
||||
user: name=fastd group=fastd
|
||||
|
||||
- name: Install fastd
|
||||
apt: name=fastd state=latest
|
||||
|
||||
@ -15,13 +21,16 @@
|
||||
- name: Disable fastd default instance
|
||||
service: name=fastd enabled=no
|
||||
|
||||
- name: Create directories
|
||||
- name: Create config directory
|
||||
file: path=/etc/fastd/{{ site_code }} state=directory
|
||||
|
||||
- name: Create directories
|
||||
- name: Create config directories
|
||||
file: path=/etc/fastd/{{ site_code }}{{ item }}/peers state=directory
|
||||
with_sequence: start=0 count={{ fastd_instances }}
|
||||
|
||||
- name: Create socket directory
|
||||
file: path=/run/fastd owner=fastd group=fastd state=directory
|
||||
|
||||
- name: Configure fastd
|
||||
template: src=fastd.conf.j2 dest=/etc/fastd/{{ site_code }}{{ item }}/fastd.conf
|
||||
with_sequence: start=0 count={{ fastd_instances }}
|
||||
@ -31,6 +40,9 @@
|
||||
fastd_key: path=/etc/fastd/{{ site_code }}/secret.conf
|
||||
notify: Restart fastd
|
||||
|
||||
- name: Permissions (secret)
|
||||
file: owner=fastd group=fastd path=/etc/fastd/{{ site_code }}/secret.conf
|
||||
|
||||
- name: Create symlinks (secret)
|
||||
file: src=/etc/fastd/{{ site_code }}/secret.conf dest=/etc/fastd/{{ site_code }}{{ item }}/secret.conf state=link
|
||||
with_sequence: start=0 count={{ fastd_instances }}
|
||||
|
@ -1,8 +1,11 @@
|
||||
# {{ ansible_managed }}
|
||||
|
||||
user "fastd";
|
||||
group "fastd";
|
||||
|
||||
log to syslog level warn;
|
||||
hide ip addresses yes;
|
||||
status socket "/run/fastd-{{ site_code }}{{ item }}.sock";
|
||||
status socket "/run/fastd/{{ site_code }}{{ item }}.sock";
|
||||
|
||||
interface "vpn-{{ site_code }}{{ item }}";
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user