qubes-tunnel.service

##########################################################
##  Qubes tunnel service
##
##  See qubes-tunnel.service.d/00_example.conf
##  for example customization.

[Unit]
Description=Tunnel service for Qubes proxyVM
ConditionPathExists=!/var/run/qubes/this-is-templatevm
ConditionPathExists=/rw/config/qtunnel
ConditionPathExistsGlob=/var/run/qubes-service/qubes-tunnel*
After=network.target qubes-firewall.service rw.mount
Conflicts=shutdown.target

[Service]
Group=qtunnel
Restart=always
RestartSec=10
TimeoutStopSec=2
Environment="filter_opts=up|down|script-security|keepalive|persist-tun|resolv-retry|auth-user-pass"
Environment="client_cmd=/usr/sbin/openvpn"
Environment="client_opt1=--cd /rw/config/qtunnel/ --config /tmp/qtunnel.conf --verb 3"
Environment="client_opt2=--mlock --ping 10 --ping-restart 42 --connect-retry 5 30"
Environment="client_opt3=--connect-retry-max 7 --resolv-retry 15 --group qtunnel"
Environment='client_opt4=--script-security 2 --up "/usr/lib/qubes/qtunnel-connect up" --down "/usr/lib/qubes/qtunnel-connect down"'
Environment="client_opt5="
Environment="userpassword_opt=--auth-user-pass /tmp/tunneluserpwd.txt"

ExecStartPre=/usr/lib/qubes/qtunnel-setup --check-firewall
ExecStartPre=/usr/lib/qubes/qtunnel-setup --pre-start

ExecStart=/usr/lib/qubes/qtunnel-setup --start-exec

ExecStartPost=/usr/lib/qubes/qtunnel-setup --post-start
ExecStopPost=/usr/lib/qubes/qtunnel-setup --post-stop

[Install]
WantedBy=multi-user.target