X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/79f4a86c6a7320bb287968a42393b9449196b12e..8de21e204dc53bb28ad67207c308489f706ff00d:/cookbooks/systemd/templates/default/service.erb diff --git a/cookbooks/systemd/templates/default/service.erb b/cookbooks/systemd/templates/default/service.erb index c53439a2b..fb2427de7 100644 --- a/cookbooks/systemd/templates/default/service.erb +++ b/cookbooks/systemd/templates/default/service.erb @@ -19,11 +19,20 @@ Conflicts=<%= Array(@conflicts).join(" ") %> <% if @wants -%> Wants=<%= Array(@wants).join(" ") %> <% end -%> +<% if @requires -%> +Requires=<%= Array(@requires).join(" ") %> +<% end -%> +<% if @joins_namespace_of -%> +JoinsNamespaceOf=<%= Array(@joins_namespace_of).join(" ") %> +<% end -%> [Service] <% if @type -%> Type=<%= @type %> <% end -%> +<% if @notify_access -%> +NotifyAccess=<%= @notify_access %> +<% end -%> <% if @limit_nofile -%> LimitNOFILE=<%= @limit_nofile %> <% end -%> @@ -54,6 +63,9 @@ User=<%= @user %> <% if @group -%> Group=<%= @group %> <% end -%> +<% if @dynamic_user -%> +DynamicUser=<%= @dynamic_user %> +<% end -%> <% if @working_directory -%> WorkingDirectory=<%= @working_directory %> <% end -%> @@ -85,7 +97,17 @@ ExecStartPost=<%= exec_start_post %> <% if @dropin -%> ExecStop= <% end -%> -ExecStop=<%= @exec_stop %> +<% Array(@exec_stop).each do |exec_stop| -%> +ExecStop=<%= exec_stop %> +<% end -%> +<% end -%> +<% if @exec_stop_post -%> +<% if @dropin -%> +ExecStopPost= +<% end -%> +<% Array(@exec_stop_post).each do |exec_stop_post| -%> +ExecStopPost=<%= exec_stop_post %> +<% end -%> <% end -%> <% if @exec_reload -%> <% if @dropin -%> @@ -93,14 +115,38 @@ ExecReload= <% end -%> ExecReload=<%= @exec_reload %> <% end -%> +<% if @runtime_max_sec -%> +RuntimeMaxSec=<%= @runtime_max_sec %> +<% end -%> <% if @runtime_directory -%> RuntimeDirectory=<%= @runtime_directory %> <% end -%> <% if @runtime_directory_mode -%> RuntimeDirectoryMode=<%= sprintf("0%o", @runtime_directory_mode) %> <% end -%> -<% if @runtime_max_sec -%> -RuntimeMaxSec=<%= @runtime_max_sec %> +<% if @state_directory -%> +StateDirectory=<%= @state_directory %> +<% end -%> +<% if @state_directory_mode -%> +StateDirectoryMode=<%= sprintf("0%o", @state_directory_mode) %> +<% end -%> +<% if @cache_directory -%> +CacheDirectory=<%= @cache_directory %> +<% end -%> +<% if @cache_directory_mode -%> +CacheDirectoryMode=<%= sprintf("0%o", @cache_directory_mode) %> +<% end -%> +<% if @logs_directory -%> +LogsDirectory=<%= @logs_directory %> +<% end -%> +<% if @logs_directory_mode -%> +LogsDirectoryMode=<%= sprintf("0%o", @logs_directory_mode) %> +<% end -%> +<% if @configuration_directory -%> +ConfigurationDirectory=<%= @configuration_directory %> +<% end -%> +<% if @configuration_directory_mode -%> +ConfigurationDirectoryMode=<%= sprintf("0%o", @configuration_directory_mode) %> <% end -%> <% if @standard_input -%> StandardInput=<%= @standard_input %> @@ -111,10 +157,10 @@ StandardOutput=<%= @standard_output %> <% if @standard_error -%> StandardError=<%= @standard_error %> <% end -%> -<% if @protect_proc -%> +<% if @protect_proc && node[:lsb][:release].to_f >= 22.04 -%> ProtectProc=<%= @protect_proc %> <% end -%> -<% if @proc_subset -%> +<% if @proc_subset && node[:lsb][:release].to_f >= 22.04 -%> ProcSubset=<%= @proc_subset %> <% end -%> <% if @no_new_privileges -%> @@ -123,6 +169,9 @@ NoNewPrivileges=<%= @no_new_privileges %> <% if @capability_bounding_set -%> CapabilityBoundingSet=<%= Array(@capability_bounding_set).sort.uniq.join(" ") %> <% end -%> +<% if @ambient_capabilities -%> +AmbientCapabilities=<%= Array(@ambient_capabilities).sort.uniq.join(" ") %> +<% end -%> <% if @protect_system -%> ProtectSystem=<%= @protect_system %> <% end -%> @@ -147,7 +196,7 @@ PrivateDevices=<%= @private_devices %> <% if @private_network -%> PrivateNetwork=<%= @private_network %> <% end -%> -<% if @private_ipc -%> +<% if @private_ipc && node[:lsb][:release].to_f >= 22.04 -%> PrivateIPC=<%= @private_ipc %> <% end -%> <% if @private_users -%>