1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
Integration of syncplay-server with systemd
===========================================
As of 1.6.8+repack1-1 syncplay-server ships
/usr/lib/systemd/system/syncplay-server.service to run syncplay-server at boot
time. By default that systemd service is deactivated.
To enable it, run as root:
systemctl enable --now syncplay-server.service
To deactivate it, run as root:
systemctl disable --now syncplay-server.service
If you need a different configuration, disable as above, copy
/usr/lib/systemd/system/syncplay-server.service to /etc/systemd/system, and edit
the file to fit your needs. When you are done, run as root:
systemctl daemon-reload
and enable/disable as documented above.
TLS Encryption
==============
NOTE: It does NOT work with self-signed certificates.
Prepare and configureā¦
1. a domain
2. a valid certificate for that domain (E.g., Let's Encrypt. The Debian
package works with certbot. Other methods will require manual integration.)
If you have both set up, thenā¦
1. configure your domain in /etc/default/syncplay-server
3. run as root: systemctl restart syncplay-server.service
The systemd service file uses systemd's DynamicUser= setting to generate user,
group and /run/syncplay-server on the fly. ExecStartPre= executes the certbot
hook to make it copy the certificate files into /run/syncplay-server with secure
permissions and owned by the DynamicUser's group.
It is not necessary to reload or restart syncplay-server.service, as
syncplay-server automatically detects renewed certificates on incoming
connections. I.e., it is enough to have the certbot hook script update the
certificates in /run/syncplay-server without any further action.
|
