ansible-role-systemd_service/defaults/main.yml

---
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

systemd_user_name: root
systemd_group_name: root
systemd_slice_name: system

# Restart services when a change occurs
systemd_service_restart_changed: yes

# This is the prefix used for all temp files of a given type.
systemd_tempd_prefix: tempd

# Give a reasonable amount of time for the server to start up/shut down
systemd_TimeoutSec: 120
systemd_Restart: on-failure
systemd_RestartSec: 2

# Accounting options
systemd_CPUAccounting: true
systemd_BlockIOAccounting: true
systemd_MemoryAccounting: true
systemd_TasksAccounting: true

# Sandboxing options
systemd_PrivateTmp: false
systemd_PrivateDevices: false
systemd_PrivateUsers: false

# Systemd provides for the ability to start a given service in a network
#  namespace. When `systemd_PrivateNetwork` is `true` a service will be
#  started within a namepsace created using the name of the service unit.
systemd_PrivateNetwork: false
# When `systemd_PrivateNetwork` is enabled, it may be desirable to add a
#  specific link into the service namespace using the MACVLAN interface.
#  The option `systemd_PrivateNetworkIsolated`, when set to `false`, will
#  create a MACVLAN interface which binds to the host interface defined
#  by the option `systemd_PrivateNetworkInterface`; uses the gateway
#  interface by default. The MODE used by the MACVLAN interface can be
#  changed using the option `systemd_PrivateNetworkMode`.
systemd_PrivateNetworkIsolated: true
systemd_PrivateNetworkInterface: "{{ ansible_default_ipv4['interface'] }}"
systemd_PrivateNetworkMode: bridge
# When `systemd_PrivateNetworkIsolated` is disabled, an interface is
#  created on the host and within the service namespace. If this interface
#  needs an IP address DHCP can be enabled which will, by default, send
#  DHCP requests through the interface defined by the option
#  `systemd_PrivateNetworkInterface`.
systemd_PrivateNetworkDHCP: false
# DHCP can be localized to only the physical host using option
#  `systemd_PrivateNetworkLocalDHCP`. Setting this option to `true`, will
#  create a networkd configuration for DHCPServer using the MACVLAN interface
#  defined by `systemd_PrivateNetworkInterface`. The gateway set within the
#  service namespace will be set using `systemd_PrivateNetworkLocalDHCPGateway`.
systemd_PrivateNetworkLocalDHCP: false
systemd_PrivateNetworkLocalDHCPGateway: "10.0.5.1/24"

# Start service after a given target. This is here because we want to define common
#  after targets used on most services. This can be overridden or agumented using
#  the "systemd_services" dictionary option "after_targets".
systemd_after_targets:
  - syslog.target
  - network-online.target

# List of documentation information that will be presented in the unit. This
#  option is a list of documentation items which can be local or online.
#  Usage: https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Documentation=
systemd_unit_docs: []

# Set the service enabled state. Valid options are: [yes, no]
systemd_service_enabled: yes

# Set global service overrides used within the service unit file.
systemd_service_config_overrides: {}

# Systemd service type. Options include simple, forking, oneshot, etc.
# https://www.freedesktop.org/software/systemd/man/systemd.service.html#Type=
systemd_default_service_type: simple

# Global lock path used for system services.
#  This is an optional variable and will have no effect if undefined.
#  This option can also be defined for specific service entries under "systemd_services".
# systemd_lock_path: "/var/lock/service1"

# Global Environment variables for system services.
#  This option will provide the operator a way to set additional environment options
#  used within the execution of a given service. Environment variables can be passed
#  into the service using ADHOC options or through a given environment file. If both
#  options are specified, and a collision occurs options will be set in the order in
#  which they are read (top to bottom) with a given file being processed last.
#
#  If the `systemd_environment_file` is defined a file will be read into the systemd service
#  unit, the contents of the file will be added to the execution environment of the service.
#
# The `systemd_environment_file` option is a string. The full path to a given file must be used.
#  systemd_environment_file: "/etc/default/default-file"
#
# The `systemd_environmen`t option is a hash. each item in the hash is expected to be a sting
# Example
#   systemd_environment:
#     VAR1: "word1 word2"
#     VAR2: "word3"
#     VAR3: "$word 5 6"
systemd_environment: {}

# Set the systemd "partof" directive. This ties a service unit to another.
# Documentation for PartOf can be found here
# https://www.freedesktop.org/software/systemd/man/systemd.unit.html#PartOf=
# systemd_partof: unit-name.service

# The systemd services dictionary is a set of services that will be created. The dictionary
#  can contain the following options:
#  `service_name` -- (required) used to define the name of the service. This is typically the name of the executable.
#  `service_type` -- (optional) Set the service type, default is "simple".
#  `execstarts` -- (required) Set the program to start, when the service is simple the list has a max length of 1.
#  `execstops` -- (optional) Set the program to stop, when the service is simple the list has a max length of 1.
#  `after_targets` -- (optional) Start the service after this list of dependency units.
#  `partof` -- (optional) Set the systemd "partof" directive. This ties a service unit to another.
#  `config_overrides` -- (optional) This allows any section or key=value pair to be set within the systemd unit file.
#  `program_sandboxing` -- (optional) Case sensitive Key=Value pairs for service Sandboxing
#  `program_accounting` -- (optional) Case sensitive Key=Value pairs for service Accounting
#  `enabled` -- (optional) Set the enabled state of the service.
#  `state` -- (optional) Set the running state of the service.
#  `environment` -- (optional) set additional environment settings, this option is a hash of strings.
#  `environment_file` -- (optional) set additional environment settings through a given file. this option is a string.
#  `dynamic_user` -- (optional) Dynamically set a UNIX user and group when the unit is started; only works if systemd >= 235.
#  `state_directory` -- (optional) Relative path the state directory; only works if systemd >= 235.

# Under the service dictionary the "timer" key can be added which will enable a given service
#  as a timer (Legacy cron job).
#  `options` -- (optional) This allows any section or key=value pair to be set within the systemd timer file.
#  `cron_minute` -- (optional) This allows for "on calendar configuration" (AKA CRON) for the minute segment.
#  `cron_hour` -- (optional) This allows for "on calendar configuration" (AKA CRON) for the hour segment.
#  `cron_day` -- (optional) This allows for "on calendar configuration" (AKA CRON) for the day segment.
#  `cron_weekday` -- (optional) This allows for "on calendar configuration" (AKA CRON) for the weekday segment.
#  `cron_month` -- (optional) This allows for "on calendar configuration" (AKA CRON) for the month segment.

#  Examples:
#   systemd_services:
#     - service_name: ServiceU
#       config_overrides: {}  # This is used to add in arbitratry unit file options
#       execstarts:
#         - ServiceU
#           environment_file: "/etc/default/default-file"
#
#     - service_name: ServiceV
#       config_overrides: {}  # This is used to add in arbitratry unit file options
#       execstarts:
#         - ServiceV
#           environment:
#             VAR1: "word1 word2"
#             VAR2: "word3"
#             VAR3: "$word 5 6"
#
#     - service_name: ServiceW
#       config_overrides: {}  # This is used to add in arbitratry unit file options
#       execstarts:
#         - ServiceW
#
#     - service_name: ServiceX
#       config_overrides: {}  # This is used to add in arbitratry unit file options
#       execstarts:
#         - ServiceX
#       program_sandboxing:
#         PrivateTmp: true
#       program_accounting:
#         CPUAccounting: true
#
#     - service_name: ServiceY
#       config_overrides: {}  # This is used to add in arbitratry unit file options
#       execstarts:
#         - '/usr/bin/ServiceY'
#       execstarts:
#         - '/usr/bin/stopcmd'
#       restart_changed: no
#
#     - service_name: ServiceZ
#       config_overrides: {}  # This is used to add in arbitratry unit file options
#       enabled: no
#       state: stopped
#       service_type: oneshot
#       execstarts:
#         - /usr/bin/startcmd1
#         - /usr/bin/startcmd2
#       execstops
#         - /usr/bin/stopcmd1
#         - /usr/bin/stopcmd2
#
#     - service_name: TimerServiceW
#       config_overrides: {}  # This is used to add in arbitratry unit file options
#       execstarts:
#         - '/usr/bin/ServiceY'
#       restart_changed: no
#       timer:
#         state: "started"
#         options:
#           OnBootSec: 30min
#           OnUnitActiveSec: 1h
#           Persistent: true
#
#     - service_name: TimerServiceX
#       config_overrides: {}  # This is used to add in arbitratry unit file options
#       execstarts:
#         - '/usr/bin/ServiceY'
#       restart_changed: no
#       timer:
#         state: "started"
#         cron_minute: 30
#         cron_hour: 1
systemd_services: []