From d7e4ca052854e581514afd80bba953f880197c85 Mon Sep 17 00:00:00 2001 From: Kirill Gagarski Date: Sun, 20 May 2018 17:51:21 +0300 Subject: [PATCH] dnscrypt-proxy.service patching is no longer required (since dnscrypt-proxy update) --- roles/dns_encryption/tasks/arch.yml | 7 --- .../templates/dnscrypt-proxy.service.j2 | 48 ------------------- 2 files changed, 55 deletions(-) delete mode 100644 roles/dns_encryption/templates/dnscrypt-proxy.service.j2 diff --git a/roles/dns_encryption/tasks/arch.yml b/roles/dns_encryption/tasks/arch.yml index a9de0d35..54117896 100644 --- a/roles/dns_encryption/tasks/arch.yml +++ b/roles/dns_encryption/tasks/arch.yml @@ -4,10 +4,3 @@ pacman: name: dnscrypt-proxy state: latest - -- name: Arch Linux | Patch dnscrypt-proxy.service - template: - src: dnscrypt-proxy.service.j2 - dest: "{{ config_prefix|default('/') }}etc/systemd/system/dnscrypt-proxy.service" - notify: - - daemon reload \ No newline at end of file diff --git a/roles/dns_encryption/templates/dnscrypt-proxy.service.j2 b/roles/dns_encryption/templates/dnscrypt-proxy.service.j2 deleted file mode 100644 index 40726539..00000000 --- a/roles/dns_encryption/templates/dnscrypt-proxy.service.j2 +++ /dev/null @@ -1,48 +0,0 @@ -[Unit] -Description=DNSCrypt-proxy client -Documentation=https://github.com/jedisct1/dnscrypt-proxy/wiki - -## Start service after the network is online. -## Requires a wait service such as NetworkManager or systemd-networkd. -## Verify using: -## systemctl is-enabled NetworkManager-wait-online.service systemd-networkd-wait-online.service -## Then enable: -## systemctl enable NetworkManager-wait-online.service -## Or alternatively: -## systemctl enable systemd-networkd-wait-online.service -After=network-online.target -Wants=network-online.target - -## DNSCrypt-proxy provides and requires name resolution. -Before=nss-lookup.target -Wants=nss-lookup.target - -[Service] -## Set O_NONBLOCK flag for socket unit. -NonBlocking=true - -## Execute dnscrypt-proxy with configuration file. -ExecStart=/usr/bin/dnscrypt-proxy --config /etc/dnscrypt-proxy/dnscrypt-proxy.toml - -## Make /home, /root and /run/user read only. -ProtectHome=yes - -## Make Linux control groups read only. -ProtectControlGroups=yes - -## Deny explicit module loading. -ProtectKernelModules=yes - -## Run dnscrypt-proxy as unprivileged user with -## temporary assigned UID/GID. See man:systemd.exec -## for more info. Requires systemd 232+. -DynamicUser=yes -CacheDirectory=dnscrypt-proxy -LogsDirectory=dnscrypt-proxy -RuntimeDirectory=dnscrypt-proxy - -[Install] - -## Create symlink for systemd to pull in the unit when starting multi-user.target -## Can be found in /etc/systemd/system/multi-user.target.wants/ -WantedBy=multi-user.target