Add systemd unit file

Signed-off-by: DL6ER <dl6er@dl6er.de>

advanced/Templates/pihole-FTL.systemd

@@ -0,0 +1,45 @@
+[Unit]
+Description=Pi-hole FTLDNS
+; This unit is supposed to indicate when network functionality is available, but it is only
+; very weakly defined what that is supposed to mean, with one exception: at shutdown, a unit
+; that is ordered after network.target will be stopped before the network
+After=network.target
+; A target that should be used as synchronization point for all host/network name service lookups.
+; All services for which the availability of full host/network name resolution is essential should
+; be ordered after this target, but not pull it in.
+Wants=nss-lookup.target
+Before=nss-lookup.target
+
+[Service]
+Restart=on-abnormal
+User=pihole
+Group=pihole
+PermissionsStartOnly=true
+
+Type=forking
+PIDFile=/run/pihole-FTL.pid
+
+ExecStartPre=/bin/touch /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
+ExecStartPre=/bin/mkdir -p /var/run/pihole /var/log/pihole
+ExecStartPre=/bin/chown pihole:pihole /var/run/pihole /var/log/pihole
+ExecStartPre=-/bin/rm /var/run/pihole/FTL.sock
+ExecStartPre=/bin/chown pihole:pihole /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /etc/pihole /etc/pihole/dhcp.leases /var/log/pihole.log
+ExecStartPre=/bin/chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
+ExecStartPre=/bin/echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.piholeFTL
+
+ExecStart=/usr/bin/pihole-FTL
+RestartSec=30s
+ExecReload=/bin/kill -HUP $MAINPID
+
+; Use graceful shutdown with a reasonable timeout
+TimeoutStopSec=10s
+
+; Make /usr, /boot, /etc and possibly some more folders read-only...
+ProtectSystem=full
+; ... except /etc/pihole
+; This merely retains r/w access rights, it does not add any new.
+; Must still be writable on the host!
+ReadWriteDirectories=/etc/pihole
+
+[Install]
+WantedBy=multi-user.target