更新toroad.service

roles/natgw/templates/natgw.service.j2

@@ -0,0 +1,29 @@
+[Unit]
+Description=natgw service
+After=network.target
+
+[Service]
+Type=notify
+WorkingDirectory=/opt/tsg/wannat/natgw
+ExecStart=/opt/tsg/wannat/natgw/wannat_natgw
+
+ExecStartPost=/bin/sh -c "sysctl -w net.ipv4.ip_forward=0"
+ExecStartPost=/bin/sh -c "ifconfig tun_natgw 192.168.1.254/24 up"
+ExecStartPost=/bin/sh -c "ethtool -K tun_natgw gro off"
+ExecStartPost=/bin/sh -c "ethtool -K tun_natgw gso off"
+ExecStartPost=/bin/sh -c "ethtool -K tun_natgw tso off"
+ExecStartPost=/bin/sh -c "ip rule add from {{wannat_global.common.vpn_client_ip_cidr}} table 1001"
+ExecStartPost=/bin/sh -c "ip route add default via 192.168.1.253 table 1001"
+#ExecStartPost=/bin/sh -c "iptables -I OUTPUT -p icmp --icmp-type destination-unreachable -j DROP"
+
+TimeoutSec=300s
+RestartSec=10s
+Restart=always
+LimitNOFILE=524288
+LimitNPROC=infinity
+LimitCORE=infinity
+TasksMax=infinity
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target

roles/toroad/tasks/main.yml

@@ -25,9 +25,17 @@
 - name: "Template the toroad.conf"
   template:
     src: "{{ role_path }}/templates/toroad.conf.j2"
-    dest: /opt/wannat/toroad/etc/toroad.conf
+    dest: /opt/tsg/wannat/toroad/etc/toroad.conf
   tags: template
 
+- name: "Template the toroad.service"
+  template:
+    src: "{{ role_path }}/templates/toroad.service.j2"
+    dest: /usr/lib/systemd/system/toroad.service
+  tags: template
 
-
-
+- name: "enable toroad service"
+  systemd:
+    name: toroad
+    enabled: yes
+    daemon_reload: yes  

roles/toroad/templates/toroad.service.j2

@@ -0,0 +1,12 @@
+[Unit]
+Description=toroad service
+After=network.target
+
+[Service]
+WorkingDirectory=/opt/tsg/wannat/toroad
+ExecStart=/opt/tsg/wannat/toroad/toroad
+Restart=always
+RestartSec=5s
+
+[Install]
+WantedBy=multi-user.target