Strykar · April 11, 2026 03:02
diff --git a/autossh_systemd_unit.service b/autossh_systemd_unit.service
 [Unit]
 Description=AutoSSH tunnel to remote signald Unix socket
 After=network-online.target
 # Note: user systemd instances do not see system-level targets like
 # network-online.target by default, so this ordering hint is not
 # guaranteed to work in a user unit. For reliable boot ordering,
 # either run this as a system unit, or ensure the user session is
 # started after the network via PAM/loginctl-linger configuration.
 
 [Service]
 # Set to 0 for boot-time use. The default (30s) causes autossh to
 # exit immediately if the very first SSH attempt fails within 30
 # seconds, which is unhelpful at boot when the remote may not be ready yet.
 # With GATETIME=0, autossh retries on all failures including the
 # first. Verify SSH works manually before enabling this service.
 Environment="AUTOSSH_GATETIME=0"
 
 # With -M 0, AUTOSSH_POLL does not perform active connection probing
 # (that requires a non-zero monitor port). It does cap the maximum
 # backoff sleep in autossh's internal restart loop; the default is
 # 600s (10 minutes). 30s keeps the ceiling tight during outages.
 Environment="AUTOSSH_POLL=30"
 
 Environment="SSOCK=/var/run/signald/signald.sock"
 
 ExecStart=/usr/bin/autossh -M 0 \
  -o "ServerAliveInterval 10" \
  -o "ServerAliveCountMax 3" \
  -o "ExitOnForwardFailure yes" \
  -o "StreamLocalBindUnlink yes" \
  -L ${SSOCK}:${SSOCK} \
  -N remote.server
 
 # SIGHUP prods autossh out of any backoff sleep so it retries
 # immediately. This is documented in the autossh README.
 # Use SIGUSR1 instead to force-kill and restart the SSH child.
 ExecReload=/usr/bin/kill -HUP $MAINPID
 
 # systemd waits 60 seconds before restarting, matching Linux's
 # hardcoded TCP_TIMEWAIT_LEN. This ensures the old connection's
 # port state has fully expired before the next connection attempt.
 Restart=always
 RestartSec=60
 
 # Sends SIGTERM to all processes in the cgroup on stop.
 KillMode=control-group
 
 [Install]
 WantedBy=default.target
	[Unit]
	Description=AutoSSH tunnel to remote signald Unix socket
	After=network-online.target
	# Note: user systemd instances do not see system-level targets like
	# network-online.target by default, so this ordering hint is not
	# guaranteed to work in a user unit. For reliable boot ordering,
	# either run this as a system unit, or ensure the user session is
	# started after the network via PAM/loginctl-linger configuration.

	[Service]
	# Set to 0 for boot-time use. The default (30s) causes autossh to
	# exit immediately if the very first SSH attempt fails within 30
	# seconds, which is unhelpful at boot when the remote may not be ready yet.
	# With GATETIME=0, autossh retries on all failures including the
	# first. Verify SSH works manually before enabling this service.
	Environment="AUTOSSH_GATETIME=0"

	# With -M 0, AUTOSSH_POLL does not perform active connection probing
	# (that requires a non-zero monitor port). It does cap the maximum
	# backoff sleep in autossh's internal restart loop; the default is
	# 600s (10 minutes). 30s keeps the ceiling tight during outages.
	Environment="AUTOSSH_POLL=30"

	Environment="SSOCK=/var/run/signald/signald.sock"

	ExecStart=/usr/bin/autossh -M 0 \
	-o "ServerAliveInterval 10" \
	-o "ServerAliveCountMax 3" \
	-o "ExitOnForwardFailure yes" \
	-o "StreamLocalBindUnlink yes" \
	-L ${SSOCK}:${SSOCK} \
	-N remote.server

	# SIGHUP prods autossh out of any backoff sleep so it retries
	# immediately. This is documented in the autossh README.
	# Use SIGUSR1 instead to force-kill and restart the SSH child.
	ExecReload=/usr/bin/kill -HUP $MAINPID

	# systemd waits 60 seconds before restarting, matching Linux's
	# hardcoded TCP_TIMEWAIT_LEN. This ensures the old connection's
	# port state has fully expired before the next connection attempt.
	Restart=always
	RestartSec=60

	# Sends SIGTERM to all processes in the cgroup on stop.
	KillMode=control-group

	[Install]
	WantedBy=default.target
No results found