Systemd service

Assuming an /opt/ install. For those unfamiliar, plop it into /etc/systemd/system (symlinks might not work, old systemd bug), run `systemctl daemon-reload`, and have it start on boot (and immediately) with `systemctl enable --now endlessh.service`

util/endlessh.service

@@ -0,0 +1,29 @@
+[Unit]
+Description=Endlessh SSH Tarpit
+Requires=network-online.target
+
+[Service]
+Type=simple
+Restart=always
+RestartSec=30sec
+ExecStart=/opt/endlessh/endlessh
+KillSignal=SIGTERM
+
+StandardOutput=journal
+StandardError=journal
+StandardInput=null
+
+PrivateTmp=true
+PrivateDevices=true
+ProtectSystem=full
+ProtectHome=true
+NoNewPrivileges=true
+ConfigurationDirectory=/etc/endlessh
+PrivateUsers=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectControlGroups=true
+MemoryDenyWriteExecute=true
+
+[Install]
+WantedBy=multi-user.target