Friday, August 12, 2016

systemd - custom system.d service fails at startup


I created a service to keep my vpn alive all the time. Whenever the OpenVPN disconnects for any reason the script is restarted by the service. First the script resolves the address provided by my VPN provider to a set of ip addresses and then updates the firewall accordingly. After that it initiates the VPN connection.


When I start my service like this it works fine:


sudo systemctl start alwayson

But it should start automatically at system startup but after startup I get:


● alwayson.service - Always on VPN service
   Loaded: loaded (/etc/systemd/system/alwayson.service; disabled; vendor preset
   Active: inactive (dead)

after running the command:


systemctl status alwayson

Here are the scripts:


alwayson.service:


[Unit]
Description=Always on VPN service
After=ufw.service
[Service]
Type=idle
Restart=always
RestartSec=3
ExecStart=/bin/bash /home/user/VPN/alwayson-service/run.sh
[Install]
WantedBy=multi-user.target

run.sh:


echo "Updating FireWall.."
# Remove all rules
list="$(ufw status numbered | awk -F"[][]" '{print $2}' | tac)"
for item in $list
do
    echo $item
    ufw --force delete $item
done
# let all incoming traffic pass
ufw default deny incoming
# and block outgoing by default
ufw default deny outgoing
ufw allow out to  8.8.8.8
ufw allow in from 8.8.8.8
ufw allow out on tun0
ufw allow out 53
# Allow local IPv4 connections
ufw allow out to 10.0.0.0/8
ufw allow out to 172.16.0.0/12
ufw allow out to 192.168.0.0/24
ufw allow in from 192.168.0.0/24
# Allow IPv4 local multicasts
ufw allow out to 224.0.0.0/24
ufw allow out to 239.0.0.0/8
# Allow local IPv6 connections
ufw allow out to fe80::/64
# Allow IPv6 link-local multicasts
ufw allow out to ff01::/16
# Allow IPv6 site-local multicasts
ufw allow out to ff02::/16
ufw allow out to ff05::/16
# Update Rules for VPN
list="$(dig +short remote 4-1-gb.cg-dialup.net)"
for item in $list
do
    echo $item
    ufw allow out to $item
        ufw allow in from $item
done
# Enable the firewall
ufw enable
openvpn --config /home/doctor/VPN/UK/openvpn.ovpn --script-security 2 --up /home/doctor/VPN/alwayson-service/up.sh --down /home/doctor/VPN/alwayson-service/down.sh --up-restart

Can somebody give me some advice on how to run it at startup?



You need to enable the service in order for it to run at startup. Please run:


sudo systemctl enable alwayson.service

Then it should work automatically after reboot.


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

11.10 - Can't boot from USB after installing Ubuntu

I bought a Samsung series 5 notebook and a very strange thing happened: I installed Ubuntu 11.10 from a usb pen drive but when I restarted (...