From dbe0d9178a0487a2828d741a6d44949bc09e414f Mon Sep 17 00:00:00 2001
From: Mirror
Date: Thu, 4 Mar 2021 16:39:42 +0300
Subject: [PATCH] Netns service
---
etc/systemd/system/netns@.service | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
create mode 100644 etc/systemd/system/netns@.service
diff --git a/etc/systemd/system/netns@.service b/etc/systemd/system/netns@.service
new file mode 100644
index 0000000..5c67dc4
--- /dev/null
+++ b/etc/systemd/system/netns@.service
@@ -0,0 +1,27 @@
+# netns@.service
+
+[Unit]
+Description=Named network namespace %I
+Documentation=https://github.com/systemd/systemd/issues/2741#issuecomment-336736214
+StopWhenUnneeded=true
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+
+# Ask systemd to create a network namespace
+PrivateNetwork=yes
+
+# Ask ip netns to create a named network namespace
+# (This ensures that things like /var/run/netns are properly setup)
+# (Why flock? See https://bugs.debian.org/949235)
+ExecStart=/usr/bin/flock --no-fork -- /var/run/netns.lock /bin/ip netns add %I
+
+# Drop the network namespace that ip netns just created
+ExecStart=/bin/umount /var/run/netns/%I
+
+# Re-use the same name for the network namespace that systemd put us in
+ExecStart=/bin/mount --bind /proc/self/ns/net /var/run/netns/%I
+
+# Clean up the name when we are done with the network namespace
+ExecStop=/bin/ip netns delete %I
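Review bot: `%I` in the three `ExecStart=` lines and in `ExecStop=` is the unescaped instance name, so systemd turns every `-` in the instance into `/` (and decodes `\x` escapes) before the value reaches `ip netns add`, `umount` and `mount --bind`. An instance such as `netns@my-ns` would then address `/var/run/netns/my/ns` rather than an entry directly under `/var/run/netns`, and these commands run as root on a path the unit never validates. Whether `ip netns add` rejects such a name first probably depends on the installed iproute2 version, so the unit should not rely on it. Consider using the escaped specifier consistently in all four lines, e.g. `ExecStart=/bin/umount /var/run/netns/%i`. Alternatively, document the restriction with a comment above `[Service]` such as `# Instance names must not contain "-" or "\x" escapes; %I unescapes them into path characters`.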