Integration of syncplay-server with systemd =========================================== As of 1.6.8+repack1-1 syncplay-server ships /usr/lib/systemd/system/syncplay-server.service to run syncplay-server at boot time. By default that systemd service is deactivated. To enable it, run as root: systemctl enable --now syncplay-server.service To deactivate it, run as root: systemctl disable --now syncplay-server.service If you need a different configuration, disable as above, copy /usr/lib/systemd/system/syncplay-server.service to /etc/systemd/system, and edit the file to fit your needs. When you are done, run as root: systemctl daemon-reload and enable/disable as documented above. TLS Encryption ============== NOTE: It does NOT work with self-signed certificates. Prepare and configureā€¦ 1. a domain 2. a valid certificate for that domain (E.g., Let's Encrypt. The Debian package works with certbot. Other methods will require manual integration.) If you have both set up, thenā€¦ 1. configure your domain in /etc/default/syncplay-server 3. run as root: systemctl restart syncplay-server.service The systemd service file uses systemd's DynamicUser= setting to generate user, group and /run/syncplay-server on the fly. ExecStartPre= executes the certbot hook to make it copy the certificate files into /run/syncplay-server with secure permissions and owned by the DynamicUser's group. It is not necessary to reload or restart syncplay-server.service, as syncplay-server automatically detects renewed certificates on incoming connections. I.e., it is enough to have the certbot hook script update the certificates in /run/syncplay-server without any further action.