fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-04 09:50:17 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
NetworkManager/src/nm-cloud-setup/nm-cloud-setup.service.in
Wen Liang f3404435a9
cloud-setup: configure secondary ip in Aliyun cloud 
This is a tool for automatically configuring networking in Aliyun
cloud environment.

This add a provider implementation for Aliyun that when detected fetches
the private ip addressess and the subnet prefix of IPv4 CIDR block.

Once this information is fetched from the metadata server, it instructs
NetworkManager to add private ip addressess and subnet prefix for each
interface detected.

It is inspired by SuSE's cloud-netconfig ([1], [2]) and Aliyun Instance Metadata [3].

[1] https://www.suse.com/c/multi-nic-cloud-netconfig-ec2-azure/
[2] https://github.com/SUSE-Enceladus/cloud-netconfig
[3] https://www.alibabacloud.com/help/doc-detail/49122.htm

It is also intended to work without configuration. The main point is
that you boot an image with NetworkManager and nm-cloud-setup enabled,
and it just works.

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/885

Signed-off-by: Wen Liang <liangwen12year@gmail.com>
2021-07-19 17:41:52 +02:00

43 lines
1 KiB
SYSTEMD
Raw Blame History

[Unit]
Description=Automatically configure NetworkManager in cloud
Documentation=man:nm-cloud-setup(8)
After=NetworkManager.service
[Service]
Type=oneshot
ExecStart=@libexecdir@/nm-cloud-setup
#Environment=NM_CLOUD_SETUP_LOG=TRACE
# Cloud providers are disabled by default. You need to
# Opt-in by setting the right environment variable for
# the provider.
#
# Create a drop-in file to overwrite these variables or
# use systemctl edit.
#Environment=NM_CLOUD_SETUP_EC2=yes
#Environment=NM_CLOUD_SETUP_GCP=yes
#Environment=NM_CLOUD_SETUP_AZURE=yes
#Environment=NM_CLOUD_SETUP_ALIYUN=yes
CapabilityBoundingSet=
LockPersonality=yes
MemoryDenyWriteExecute=yes
NoNewPrivileges=yes
PrivateDevices=yes
PrivateTmp=yes
ProtectControlGroups=yes
ProtectHome=yes
ProtectHostname=yes
ProtectKernelLogs=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
ProtectSystem=strict
RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
RestrictSUIDSGID=yes
SystemCallFilter=@system-service
[Install]
WantedBy=NetworkManager.service
Reference in a new issue View git blame Copy permalink