--- # Copyright 2017, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. systemd_user_name: root systemd_group_name: root systemd_slice_name: system # Restart services when a change occurs systemd_service_restart_changed: yes # This is the prefix used for all temp files of a given type. systemd_tempd_prefix: tempd # Give a reasonable amount of time for the server to start up/shut down systemd_service_timeout_sec: "{{ systemd_TimeoutSec | default(120) }}" systemd_service_restart: "{{ systemd_Restart | default('on-failure') }}" systemd_service_restart_sec: "{{ systemd_RestartSec | default(2) }}" # Accounting options systemd_service_cpu_accounting: "{{ systemd_CPUAccounting | default(true) }}" systemd_service_block_io_accounting: "{{ systemd_BlockIOAccounting | default(true) }}" systemd_service_memory_accounting: "{{ systemd_MemoryAccounting | default(true) }}" systemd_service_tasks_accounting: "{{ systemd_TasksAccounting | default(true) }}" # Sandboxing options systemd_service_private_tmp: "{{ systemd_PrivateTmp | default(false) }}" systemd_service_private_devices: "{{ systemd_PrivateDevices | default(false) }}" systemd_service_private_network: "{{ systemd_PrivateNetwork | default(false) }}" systemd_service_private_users: "{{ systemd_PrivateUsers | default(false) }}" # Start service after a given target. This is here because we want to define common # after targets used on most services. This can be overridden or agumented using # the "systemd_services" dictionary option "after_targets". systemd_after_targets: - syslog.target - network-online.target # List of documentation information that will be presented in the unit. This # option is a list of documentation items which can be local or online. # Usage: https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Documentation= systemd_unit_docs: [] # Set the service enabled state. Valid options are: [yes, no] systemd_service_enabled: yes # Set global service overrides used within the service unit file. systemd_service_config_overrides: {} # Systemd service type. Options include simple, forking, oneshot, etc. # https://www.freedesktop.org/software/systemd/man/systemd.service.html#Type= systemd_default_service_type: simple # System run directory used for services by default. # Service name will be added to make a unique path. # This option can also be defined for specific service entries under "systemd_services". systemd_run_dir: "/run" # System lock directory used for services by default. # Service name will be added to make a unique path. # This option can also be defined for specific service entries under "systemd_services". systemd_lock_dir: "/run/lock" # Global Environment variables for system services. # This option will provide the operator a way to set additional environment options # used within the execution of a given service. Environment variables can be passed # into the service using ADHOC options or through a given environment file. If both # options are specified, and a collision occurs options will be set in the order in # which they are read (top to bottom) with a given file being processed last. # # If the `systemd_environment_file` is defined a file will be read into the systemd service # unit, the contents of the file will be added to the execution environment of the service. # # The `systemd_environment_file` option is a string. The full path to a given file must be used. # systemd_environment_file: "/etc/default/default-file" # # The `systemd_environmen`t option is a hash. each item in the hash is expected to be a sting # Example # systemd_environment: # VAR1: "word1 word2" # VAR2: "word3" # VAR3: "$word 5 6" systemd_environment: {} # Set the systemd "partof" directive. This ties a service unit to another. # Documentation for PartOf can be found here # https://www.freedesktop.org/software/systemd/man/systemd.unit.html#PartOf= # systemd_partof: unit-name.service # The systemd services dictionary is a set of services that will be created. The dictionary # can contain the following options: # `service_name` -- (required) used to define the name of the service. This is typically the name of the executable. # `service_type` -- (optional) Set the service type, default is "simple". # `execstartpres` -- (optional) Set the program that wil lexecute before service startup. # `execstarts` -- (required) Set the program to start, when the service is simple the list has a max length of 1. # `execstops` -- (optional) Set the program to stop, when the service is simple the list has a max length of 1. # `execstopposts` -- (optional) Set the program that wil lexecute after service stop. # `after_targets` -- (optional) Start the service after this list of dependency units. # `partof` -- (optional) Set the systemd "partof" directive. This ties a service unit to another. # `config_overrides` -- (optional) This allows any section or key=value pair to be set within the systemd unit file. # `program_sandboxing` -- (optional) Case sensitive Key=Value pairs for service Sandboxing # `program_accounting` -- (optional) Case sensitive Key=Value pairs for service Accounting # `enabled` -- (optional) Set the enabled state of the service. # `state` -- (optional) Set the running state of the service. # `environment` -- (optional) set additional environment settings, this option is a hash of strings. # `environment_file` -- (optional) set additional environment settings through a given file. this option is a string. # `dynamic_user` -- (optional) Dynamically set a UNIX user and group when the unit is started; only works if systemd >= 235. # `template_arguments` -- (optional) List of arguments that would be enabled/started in case service is a template. # For that to work properly, service_name should end with `@`, ie `dhcpcd@` # Systemd service template documentation can be found by the link: # https://www.freedesktop.org/software/systemd/man/systemd.service.html#Service%20Templates # `state_directory` -- (optional) Relative path the state directory; only works if systemd >= 235. # `systemd_overrides` -- (optional) Dictionary that may contain custom structure in config_overrides format that # will be used to generate systemd overrides in /etc/systemd/system/service_name.service.d/overrides.conf # `systemd_overrides_only` -- (optional) Boolean variable, when True no service_name.service will be generated and role # will place only overrides for the existing service. # `systemd_run_dir` -- (optional) Run directory that will be used for service runtime. Service slice or name is added to the path # `systemd_lock_dir` -- (optional) Lock directory that will be used for service runtime. Service slice or name is added to the path # `load` -- (optional) Boolean to set if the service is loaded. Socket activated services with '@' may not need to be loaded. # `standard_output` -- (optional) Set the stdout of the service to go to a non default destination, such as 'socket' # Under the service dictionary the "sockets" key can be added, which may contain list of the sockets # for the given service_name. Each socket in the lsit may have following structure: # `socket_name` -- (required) Name of created socket # `after_targets` -- (optional) Start the socket after this list of dependency units. # `before_targets` -- (optional) Start the socket before this list of dependency units. # `bind_targets` -- (optional) Bind the socket to this dependency unit. # `enabled` -- (optional) Set the enabled state of the socket. # `options` -- (optional) Additional options, like `ListenStream` or other. Specifying ListenStream in # the options will suppress the default 'Service' field in [Socket]. # `state` -- (optional) Set the running state of the socket. # Under the service dictionary the "timer" key can be added which will enable a given service # as a timer (Legacy cron job). # `options` -- (optional) This allows any section or key=value pair to be set within the systemd timer file. # `cron_minute` -- (optional) This allows for "on calendar configuration" (AKA CRON) for the minute segment. # `cron_hour` -- (optional) This allows for "on calendar configuration" (AKA CRON) for the hour segment. # `cron_day` -- (optional) This allows for "on calendar configuration" (AKA CRON) for the day segment. # `cron_weekday` -- (optional) This allows for "on calendar configuration" (AKA CRON) for the weekday segment. # `cron_month` -- (optional) This allows for "on calendar configuration" (AKA CRON) for the month segment. # Examples: # systemd_services: # - service_name: ServiceU # config_overrides: {} # This is used to add in arbitratry unit file options # execstarts: # - ServiceU # environment_file: "/etc/default/default-file" # # - service_name: ServiceV # config_overrides: {} # This is used to add in arbitratry unit file options # execstarts: # - ServiceV # environment: # VAR1: "word1 word2" # VAR2: "word3" # VAR3: "$word 5 6" # # - service_name: ServiceW # config_overrides: {} # This is used to add in arbitratry unit file options # execstarts: # - ServiceW # # - service_name: ServiceX # config_overrides: {} # This is used to add in arbitratry unit file options # execstarts: # - ServiceX # program_sandboxing: # PrivateTmp: true # program_accounting: # CPUAccounting: true # # - service_name: ServiceY # config_overrides: {} # This is used to add in arbitratry unit file options # execstarts: # - '/usr/bin/ServiceY' # execstarts: # - '/usr/bin/stopcmd' # restart_changed: no # # - service_name: ServiceZ # config_overrides: {} # This is used to add in arbitratry unit file options # enabled: no # state: stopped # service_type: oneshot # execstarts: # - /usr/bin/startcmd1 # - /usr/bin/startcmd2 # execstops # - /usr/bin/stopcmd1 # - /usr/bin/stopcmd2 # execstopposts: # - /usr/local/bin/hook # sockets: # - socket_name: SocketServiceZ # after_targets: # - ServiceZ.socket # before_targets: # - ServiceY.service # bind_targets: # - ServiceZ.socket # enabled: true # state: started # options: # SocketMode: 0600 # ListenStream: /var/run/ServiceZ # # - service_name: TimerServiceW # config_overrides: {} # This is used to add in arbitratry unit file options # execstarts: # - '/usr/bin/ServiceY' # restart_changed: no # timer: # state: "started" # options: # OnBootSec: 30min # OnUnitActiveSec: 1h # Persistent: true # # - service_name: TimerServiceX # config_overrides: {} # This is used to add in arbitratry unit file options # execstarts: # - '/usr/bin/ServiceY' # restart_changed: no # timer: # state: "started" # cron_minute: 30 # cron_hour: 1 # # - service_name: ExistingService # config_overrides: {} # systemd_overrides_only: True # systemd_overrides: # This is used for adjusting existing services with arbitratry options # Unit: # Wants: # - ServiceZ # - ServiceY # restart_changed: no # # Example below will result in creating 2 templated services: Templated@arg1 and Templated@arg2 # - service_name: Templated@ # execstarts: # - /tmp/script %i # template_arguments: # - arg1 # - arg2 systemd_services: []