aboutsummaryrefslogtreecommitdiff
path: root/etc/systemd
diff options
context:
space:
mode:
authorRyan Kavanagh <rak@rak.ac>2023-01-03 12:17:53 -0500
committerRyan Kavanagh <rak@rak.ac>2023-01-03 12:17:53 -0500
commitf97420d43818388244988bb380dcc72c3b82a74d (patch)
treefed2c8cd14149e47dbd1ae586c3bb8062f22878c /etc/systemd
parentSavehooks (diff)
new he tunnel
Diffstat (limited to 'etc/systemd')
-rw-r--r--etc/systemd/network/25-he-ipv6.netdev2
-rw-r--r--etc/systemd/network/25-he-ipv6.network6
-rw-r--r--etc/systemd/system/he-ipv6-update.service23
3 files changed, 19 insertions, 12 deletions
diff --git a/etc/systemd/network/25-he-ipv6.netdev b/etc/systemd/network/25-he-ipv6.netdev
index c2bf632..b2d2047 100644
--- a/etc/systemd/network/25-he-ipv6.netdev
+++ b/etc/systemd/network/25-he-ipv6.netdev
@@ -5,6 +5,6 @@ MTUBytes=1480
[Tunnel]
Local=192.168.1.103
-Remote=216.66.22.2
+Remote=209.51.161.14
TTL=255
Independent=true
diff --git a/etc/systemd/network/25-he-ipv6.network b/etc/systemd/network/25-he-ipv6.network
index 6fb0356..6ce754f 100644
--- a/etc/systemd/network/25-he-ipv6.network
+++ b/etc/systemd/network/25-he-ipv6.network
@@ -2,8 +2,8 @@
Name=he-ipv6
[Network]
-Gateway=2001:470:7:384::1
-Address=2001:470:7:384::103/64
-Address=2001:470:8:385::103/64
+Gateway=2001:470:1f06:1d3::1
+Address=2001:470:1f06:1d3::2/64
+Address=2001:470:89ac:3::1/64
DNS=2001:470:20::2
BindCarrier=wlp3s0 enp5s0
diff --git a/etc/systemd/system/he-ipv6-update.service b/etc/systemd/system/he-ipv6-update.service
index 1f379de..e265b60 100644
--- a/etc/systemd/system/he-ipv6-update.service
+++ b/etc/systemd/system/he-ipv6-update.service
@@ -4,16 +4,23 @@ After=network-online.target
[Service]
Type=oneshot
-ExecStart=curl --silent "https://USERNAME:PASSWORD@ipv4.tunnelbroker.net/nic/update?hostname=582358"
-NoNewPrivileges=yes # Prevent acquiring new privileges. Warning: breaks execution of SUID binaries
+ExecStart=curl --silent "https://USERNAME:PASSWORD@ipv4.tunnelbroker.net/nic/update?hostname=801807"
+# Prevent acquiring new privileges. Warning: breaks execution of SUID binaries
+NoNewPrivileges=yes
PermissionsStartOnly=true
-PrivateDevices=yes # Prevent access to /dev
-PrivateTmp=yes # Use dedicated /tmp
+# Prevent access to /dev
+PrivateDevices=yes
+# Use dedicated /tmp
+PrivateTmp=yes
PrivateUsers=true
-ProtectHome=yes # Hide user homes
-ProtectKernelModules=yes # Prevent loading or reading kernel modules
-ProtectKernelTunables=yes # Prevent altering kernel tunables
-ProtectSystem=strict # strict or full, see docs
+# Hide user homes
+ProtectHome=yes
+# Prevent loading or reading kernel modules
+ProtectKernelModules=yes
+# Prevent altering kernel tunables
+ProtectKernelTunables=yes
+# strict or full, see docs
+ProtectSystem=strict
[Install]
WantedBy=network-online.target