openSUSE:Systemd services

Jump to: navigation, search
This page collects systemd services that are firstly created by openSUSE packagers/developers or there're special modifications done for our distribution.

NOTE: You'd better at least check these pages below to make sure there're no ready ones in other distributions using systemd as us do. Because systemd service can cross distributions, we don't need to reinvent the wheels. Basically this page is for packagers/developers from other distributions who want to use our contributions directly.

NOTE AGAIN: The best contribution is to get these services upstreamed. So please at least try once. Working with upstream is not that hard :-)

About how to write systemd services: openSUSE:How to write a systemd service (to be translated from Chinese by marguerite)

please make this page alphabetical, thanks.




# This file is part of dnscrypt
# Author: Marguerite Su <>
# Version: 1.2.0
# Description: dnscrypt is a tool developed by OpenDNS company.
#              it aims to encrypt your dns query to OpenDNS to protect from
#              middle-man attack or DNS polution(commonly see in China).
#              it publics free (also redistributes free). 
#              in openSUSE it's licensed under SuSE-Permissive(Non-free ware).
#              details see its documentation.
Description=Secure connection between your computer and DNS resolver(openDNS)

ExecStart=/usr/sbin/dnscrypt-proxy --daemonize \
          -p /var/run/ \
          -l /var/log/dnscrypt-proxy.log



# Author: Marguerite Su <>
# Use Case: You registered a IPv6 tunnel, and want it connected automatically
#           without entering commands every startup.
Description=Daemon to start IPv6

ExecStart=/usr/sbin/ip tunnel add he-ipv6 mode sit \
          remote local ttl 255 ; \
          /usr/sbin/ip link set he-ipv6 up ; \
          /usr/sbin/ip addr add 2001:475:c:1183::2/64 dev he-ipv6 ; \
          /usr/sbin/ip route add ::/0 dev he-ipv6 ; \
          /usr/sbin/ip -6 addr
ExecStop=/usr/sbin/ip route delete ::/0 dev he-ipv6 ; \
         /usr/sbin/ip -6 addr del 2001:475:c:1183::2/64 dev he-ipv6 ; \
         /usr/sbin/ip link set he-ipv6 down ; \
         /usr/sbin/ip tunnel del he-ipv6


Please change the `remote`, `local`, `ipv6` address to your own. This is for openSUSE Chinese forum, so please don't distribute it massively.



Strongswan in openSUSE has already got a systemd service for self startup. This service is used to automatically set up port allowing, masquerading, and forwarding for its configured vistual IP pool using iptables.

# Author: Marguerite Su <>
# Use Case: You have a strongswan vpn. You don't want to input iptables commands
#           everytime upon server restart.
Description=Scripts to setup iptables rules for strongswan
# has to start before strongswan, or it doesn't know the routes.
# so you can connect, but no traffic.

ExecStart=/usr/sbin/iptables -A INPUT -p udp --dport 500 -j ACCEPT ; \
          /usr/sbin/iptables -A INPUT -p udp --dport 4500 -j ACCEPT ; \
          /usr/sbin/iptables -t nat -A POSTROUTING -s -o eth0 -j MASQUERADE ; \
          /usr/sbin/iptables -A FORWARD -s -j ACCEPT ; \
          /bin/sh -c 'echo -n 1 > /proc/sys/net/ipv4/ip_forward'
ExecStop=/bin/sh -c 'echo -n 0 > /proc/sys/net/ipv4/ip_forward' ; \
         /usr/sbin/iptables -D FORWARD -s -j ACCEPT ; \
         /usr/sbin/iptables -t nat -D POSTROUTING -s -o eth0 -j MASQUERADE ; \
         /usr/sbin/iptables -D INPUT -p udp --dport 4500 -j ACCEPT ; \
         /usr/sbin/iptables -D INPUT -p udp --dport 500 -j ACCEPT


You have to change "" to your _rightsourceip_.