X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/eb10ee11cf967f641485a4124c337f52ce6b9939..4c459f7ebf52a4b6364214a507b0e7ac37f2ec5f:/cookbooks/systemd/templates/default/service.erb

diff --git a/cookbooks/systemd/templates/default/service.erb b/cookbooks/systemd/templates/default/service.erb
index a4ff29fa9..197d8bddf 100644
--- a/cookbooks/systemd/templates/default/service.erb
+++ b/cookbooks/systemd/templates/default/service.erb
@@ -69,6 +69,9 @@ DynamicUser=<%= @dynamic_user %>
 <% if @working_directory -%>
 WorkingDirectory=<%= @working_directory %>
 <% end -%>
+<% if @umask -%>
+UMask=<%= @umask %>
+<% end -%>
 <% if @exec_start_pre -%>
 <% if @dropin -%>
 ExecStartPre=
@@ -115,14 +118,41 @@ ExecReload=
 <% end -%>
 ExecReload=<%= @exec_reload %>
 <% end -%>
+<% if @runtime_max_sec -%>
+RuntimeMaxSec=<%= @runtime_max_sec %>
+<% end -%>
 <% if @runtime_directory -%>
 RuntimeDirectory=<%= @runtime_directory %>
 <% end -%>
 <% if @runtime_directory_mode -%>
 RuntimeDirectoryMode=<%= sprintf("0%o", @runtime_directory_mode) %>
 <% end -%>
-<% if @runtime_max_sec -%>
-RuntimeMaxSec=<%= @runtime_max_sec %>
+<% if @runtime_directory_preserve -%>
+RuntimeDirectoryPreserve=<%= @runtime_directory_preserve %>
+<% end -%>
+<% if @state_directory -%>
+StateDirectory=<%= @state_directory %>
+<% end -%>
+<% if @state_directory_mode -%>
+StateDirectoryMode=<%= sprintf("0%o", @state_directory_mode) %>
+<% end -%>
+<% if @cache_directory -%>
+CacheDirectory=<%= @cache_directory %>
+<% end -%>
+<% if @cache_directory_mode -%>
+CacheDirectoryMode=<%= sprintf("0%o", @cache_directory_mode) %>
+<% end -%>
+<% if @logs_directory -%>
+LogsDirectory=<%= @logs_directory %>
+<% end -%>
+<% if @logs_directory_mode -%>
+LogsDirectoryMode=<%= sprintf("0%o", @logs_directory_mode) %>
+<% end -%>
+<% if @configuration_directory -%>
+ConfigurationDirectory=<%= @configuration_directory %>
+<% end -%>
+<% if @configuration_directory_mode -%>
+ConfigurationDirectoryMode=<%= sprintf("0%o", @configuration_directory_mode) %>
 <% end -%>
 <% if @standard_input -%>
 StandardInput=<%= @standard_input %>
@@ -139,12 +169,21 @@ ProtectProc=<%= @protect_proc %>
 <% if @proc_subset && node[:lsb][:release].to_f >= 22.04 -%>
 ProcSubset=<%= @proc_subset %>
 <% end -%>
+<% if @bind_paths -%>
+BindPaths=<%= Array(@bind_paths).sort.uniq.join(" ") %>
+<% end -%>
+<% if @bind_read_only_paths -%>
+BindReadOnlyPaths=<%= Array(@bind_read_only_paths).sort.uniq.join(" ") %>
+<% end -%>
 <% if @no_new_privileges -%>
 NoNewPrivileges=<%= @no_new_privileges %>
 <% end -%>
 <% if @capability_bounding_set -%>
 CapabilityBoundingSet=<%= Array(@capability_bounding_set).sort.uniq.join(" ") %>
 <% end -%>
+<% if @ambient_capabilities -%>
+AmbientCapabilities=<%= Array(@ambient_capabilities).sort.uniq.join(" ") %>
+<% end -%>
 <% if @protect_system -%>
 ProtectSystem=<%= @protect_system %>
 <% end -%>
@@ -229,6 +268,9 @@ SuccessExitStatus=<%= Array(@success_exit_status).join(" ") %>
 <% if @restart -%>
 Restart=<%= @restart %>
 <% end -%>
+<% if @restart_sec -%>
+RestartSec=<%= @restart_sec %>
+<% end -%>
 <% if @timeout_start_sec -%>
 TimeoutStartSec=<%= @timeout_start_sec %>
 <% end -%>