diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-12-08 16:32:27 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-12-08 16:32:27 +0100 |
commit | e70cadf597b5867095238fb5070f0beda6091db5 (patch) | |
tree | d14ba1734ed82f7b5787fe08d7dde2c8f7556a54 /accounts/gkleen@sif/systemd.nix | |
parent | 59206a53a272bc8257bc740c9dbc84b545357f5c (diff) | |
download | nixos-e70cadf597b5867095238fb5070f0beda6091db5.tar nixos-e70cadf597b5867095238fb5070f0beda6091db5.tar.gz nixos-e70cadf597b5867095238fb5070f0beda6091db5.tar.bz2 nixos-e70cadf597b5867095238fb5070f0beda6091db5.tar.xz nixos-e70cadf597b5867095238fb5070f0beda6091db5.zip |
gkleen@sif: ssh proxy: ratelimit
Diffstat (limited to 'accounts/gkleen@sif/systemd.nix')
-rw-r--r-- | accounts/gkleen@sif/systemd.nix | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/accounts/gkleen@sif/systemd.nix b/accounts/gkleen@sif/systemd.nix index e6133896..c8eda9d0 100644 --- a/accounts/gkleen@sif/systemd.nix +++ b/accounts/gkleen@sif/systemd.nix | |||
@@ -24,7 +24,14 @@ let | |||
24 | pid=$! | 24 | pid=$! |
25 | 25 | ||
26 | newpid="" | 26 | newpid="" |
27 | i=100 | ||
27 | while ! newpid=$(${pkgs.lsof}/bin/lsof -Pi @localhost:"''${port}" -sTCP:LISTEN -t); do | 28 | while ! newpid=$(${pkgs.lsof}/bin/lsof -Pi @localhost:"''${port}" -sTCP:LISTEN -t); do |
29 | if ! kill -0 "''${pid}"; then | ||
30 | wait "''${pid}" | ||
31 | exit $? | ||
32 | fi | ||
33 | [[ "''${i}" -gt 0 ]] || exit 1 | ||
34 | i=$((''${i} - 1)) | ||
28 | ${pkgs.coreutils}/bin/sleep 0.1 | 35 | ${pkgs.coreutils}/bin/sleep 0.1 |
29 | done | 36 | done |
30 | 37 | ||
@@ -73,11 +80,14 @@ in { | |||
73 | NotifyAccess = "all"; | 80 | NotifyAccess = "all"; |
74 | WorkingDirectory = "~"; | 81 | WorkingDirectory = "~"; |
75 | Restart = "always"; | 82 | Restart = "always"; |
83 | RestartSec = "2s"; | ||
76 | ExecStart = "${autossh-socks-script} \"%I\""; | 84 | ExecStart = "${autossh-socks-script} \"%I\""; |
77 | Environment = [ "SSHPASS_SECRET=gkleen@mathw0g.math.lmu.de" ]; | 85 | Environment = [ "SSHPASS_SECRET=gkleen@mathw0g.math.lmu.de" ]; |
78 | }; | 86 | }; |
79 | Unit = { | 87 | Unit = { |
80 | StopWhenUnneeded = true; | 88 | StopWhenUnneeded = true; |
89 | StartLimitInterval = "2s"; | ||
90 | StartLimitBurst = 5; | ||
81 | }; | 91 | }; |
82 | }; | 92 | }; |
83 | "proxy-to-autossh-socks@8118" = { | 93 | "proxy-to-autossh-socks@8118" = { |