X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/a69e02a9b5f577945c26c29bf67568efe29fa210..4c459f7ebf52a4b6364214a507b0e7ac37f2ec5f:/cookbooks/systemd/templates/default/service.erb diff --git a/cookbooks/systemd/templates/default/service.erb b/cookbooks/systemd/templates/default/service.erb index 0685a70ca..197d8bddf 100644 --- a/cookbooks/systemd/templates/default/service.erb +++ b/cookbooks/systemd/templates/default/service.erb @@ -30,6 +30,9 @@ JoinsNamespaceOf=<%= Array(@joins_namespace_of).join(" ") %> <% if @type -%> Type=<%= @type %> <% end -%> +<% if @notify_access -%> +NotifyAccess=<%= @notify_access %> +<% end -%> <% if @limit_nofile -%> LimitNOFILE=<%= @limit_nofile %> <% end -%> @@ -66,6 +69,9 @@ DynamicUser=<%= @dynamic_user %> <% if @working_directory -%> WorkingDirectory=<%= @working_directory %> <% end -%> +<% if @umask -%> +UMask=<%= @umask %> +<% end -%> <% if @exec_start_pre -%> <% if @dropin -%> ExecStartPre= @@ -95,7 +101,15 @@ ExecStartPost=<%= exec_start_post %> ExecStop= <% end -%> <% Array(@exec_stop).each do |exec_stop| -%> -ExecStop=<%= @exec_stop %> +ExecStop=<%= exec_stop %> +<% end -%> +<% end -%> +<% if @exec_stop_post -%> +<% if @dropin -%> +ExecStopPost= +<% end -%> +<% Array(@exec_stop_post).each do |exec_stop_post| -%> +ExecStopPost=<%= exec_stop_post %> <% end -%> <% end -%> <% if @exec_reload -%> @@ -104,14 +118,41 @@ ExecReload= <% end -%> ExecReload=<%= @exec_reload %> <% end -%> +<% if @runtime_max_sec -%> +RuntimeMaxSec=<%= @runtime_max_sec %> +<% end -%> <% if @runtime_directory -%> RuntimeDirectory=<%= @runtime_directory %> <% end -%> <% if @runtime_directory_mode -%> RuntimeDirectoryMode=<%= sprintf("0%o", @runtime_directory_mode) %> <% end -%> -<% if @runtime_max_sec -%> -RuntimeMaxSec=<%= @runtime_max_sec %> +<% if @runtime_directory_preserve -%> +RuntimeDirectoryPreserve=<%= @runtime_directory_preserve %> +<% end -%> +<% if @state_directory -%> +StateDirectory=<%= @state_directory %> +<% end -%> +<% if @state_directory_mode -%> +StateDirectoryMode=<%= sprintf("0%o", @state_directory_mode) %> +<% end -%> +<% if @cache_directory -%> +CacheDirectory=<%= @cache_directory %> +<% end -%> +<% if @cache_directory_mode -%> +CacheDirectoryMode=<%= sprintf("0%o", @cache_directory_mode) %> +<% end -%> +<% if @logs_directory -%> +LogsDirectory=<%= @logs_directory %> +<% end -%> +<% if @logs_directory_mode -%> +LogsDirectoryMode=<%= sprintf("0%o", @logs_directory_mode) %> +<% end -%> +<% if @configuration_directory -%> +ConfigurationDirectory=<%= @configuration_directory %> +<% end -%> +<% if @configuration_directory_mode -%> +ConfigurationDirectoryMode=<%= sprintf("0%o", @configuration_directory_mode) %> <% end -%> <% if @standard_input -%> StandardInput=<%= @standard_input %> @@ -128,12 +169,21 @@ ProtectProc=<%= @protect_proc %> <% if @proc_subset && node[:lsb][:release].to_f >= 22.04 -%> ProcSubset=<%= @proc_subset %> <% end -%> +<% if @bind_paths -%> +BindPaths=<%= Array(@bind_paths).sort.uniq.join(" ") %> +<% end -%> +<% if @bind_read_only_paths -%> +BindReadOnlyPaths=<%= Array(@bind_read_only_paths).sort.uniq.join(" ") %> +<% end -%> <% if @no_new_privileges -%> NoNewPrivileges=<%= @no_new_privileges %> <% end -%> <% if @capability_bounding_set -%> CapabilityBoundingSet=<%= Array(@capability_bounding_set).sort.uniq.join(" ") %> <% end -%> +<% if @ambient_capabilities -%> +AmbientCapabilities=<%= Array(@ambient_capabilities).sort.uniq.join(" ") %> +<% end -%> <% if @protect_system -%> ProtectSystem=<%= @protect_system %> <% end -%> @@ -218,6 +268,9 @@ SuccessExitStatus=<%= Array(@success_exit_status).join(" ") %> <% if @restart -%> Restart=<%= @restart %> <% end -%> +<% if @restart_sec -%> +RestartSec=<%= @restart_sec %> +<% end -%> <% if @timeout_start_sec -%> TimeoutStartSec=<%= @timeout_start_sec %> <% end -%>