ansible-edda/playbooks/roles/services/deploy/rproxy/templates/systemd/pod-rproxy-certbot.service

[Unit]
Description=Podman %n
Documentation=man:podman-generate-systemd(1)
Wants=network.target
After=network-online.target
BindsTo=pod-{{ services_service_name }}.service pod-{{ services_service_name }}-nginx.service
After=pod-{{ services_service_name }}.service pod-{{ services_service_name }}-nginx.service
OnFailure=status-mail@%n.service

[Service]
Environment=PODMAN_SYSTEMD_UNIT=%n
Restart=on-failure
TimeoutStopSec=70
ExecStartPre=/bin/rm -f %t/%N.pid %t/%N.ctr-id
ExecStart=/usr/bin/podman run \
    --conmon-pidfile %t/%N.pid \
    --cidfile %t/%N.ctr-id \
    --cgroups=no-conmon \
    --pod-id-file %t/pod-{{ services_service_name }}.pod-id \
    --replace \
    --label "io.containers.autoupdate=image" \
    --log-driver=journald \
    -dt \
    -v {{ system_etc_root_directory }}/resolv.conf:/etc/resolv.conf:ro \
    -v {{ services_data_directory }}/{{ services_service_user_name }}/etc-letsencrypt/_data:/etc/letsencrypt \
    -v var-lib-letsencrypt:/var/lib/letsencrypt \
    -v var-www-html:/var/www/html \
    -v ./.config/service/crontabs-root:/etc/crontabs/root \
    -v /etc/timezone:/etc/timezone:ro \
    -v /etc/localtime:/etc/localtime:ro \
    --name=%N \
    --entrypoint=/usr/sbin/crond \
    docker.io/certbot/certbot:{{ services_service_deploy_versions.certbot }} -f
ExecStop=/usr/bin/podman stop --ignore --cidfile %t/%N.ctr-id -t 10
ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/%N.ctr-id
PIDFile=%t/%N.pid
Type=forking

[Install]
WantedBy=multi-user.target default.target
Playbooks to deploy pod-rproxy and pod-www 2022-09-26 23:10:48 +02:00			`[Unit]`
Use systemd unit file specifiers where possible 2023-11-11 17:35:09 +01:00			`Description=Podman %n`
Playbooks to deploy pod-rproxy and pod-www 2022-09-26 23:10:48 +02:00			`Documentation=man:podman-generate-systemd(1)`
Move certbot to daemonised container 2023-11-10 11:19:08 +01:00			`Wants=network.target`
			`After=network-online.target`
Make service file names consistent 2023-11-11 15:01:29 +01:00			`BindsTo=pod-{{ services_service_name }}.service pod-{{ services_service_name }}-nginx.service`
			`After=pod-{{ services_service_name }}.service pod-{{ services_service_name }}-nginx.service`
Add status mail for user servies as well 2022-10-30 22:09:01 +01:00			`OnFailure=status-mail@%n.service`
Playbooks to deploy pod-rproxy and pod-www 2022-09-26 23:10:48 +02:00
			`[Service]`
			`Environment=PODMAN_SYSTEMD_UNIT=%n`
Move certbot to daemonised container 2023-11-10 11:19:08 +01:00			`Restart=on-failure`
Playbooks to deploy pod-rproxy and pod-www 2022-09-26 23:10:48 +02:00			`TimeoutStopSec=70`
Use systemd unit file specifiers where possible 2023-11-11 17:35:09 +01:00			`ExecStartPre=/bin/rm -f %t/%N.pid %t/%N.ctr-id`
Move rproxy mounts to use _data 2022-11-02 19:36:59 +01:00			`ExecStart=/usr/bin/podman run \`
Use systemd unit file specifiers where possible 2023-11-11 17:35:09 +01:00			`--conmon-pidfile %t/%N.pid \`
			`--cidfile %t/%N.ctr-id \`
Compatibility with new podman on bookworm 2023-08-18 13:01:36 +02:00			`--cgroups=no-conmon \`
			`--pod-id-file %t/pod-{{ services_service_name }}.pod-id \`
			`--replace \`
Move certbot to daemonised container 2023-11-10 11:19:08 +01:00			`--label "io.containers.autoupdate=image" \`
			`--log-driver=journald \`
			`-dt \`
Compatibility with new podman on bookworm 2023-08-18 13:01:36 +02:00			`-v {{ system_etc_root_directory }}/resolv.conf:/etc/resolv.conf:ro \`
			`-v {{ services_data_directory }}/{{ services_service_user_name }}/etc-letsencrypt/_data:/etc/letsencrypt \`
			`-v var-lib-letsencrypt:/var/lib/letsencrypt \`
			`-v var-www-html:/var/www/html \`
Move certbot to daemonised container 2023-11-10 11:19:08 +01:00			`-v ./.config/service/crontabs-root:/etc/crontabs/root \`
			`-v /etc/timezone:/etc/timezone:ro \`
			`-v /etc/localtime:/etc/localtime:ro \`
Use systemd unit file specifiers where possible 2023-11-11 17:35:09 +01:00			`--name=%N \`
Move certbot to daemonised container 2023-11-10 11:19:08 +01:00			`--entrypoint=/usr/sbin/crond \`
			`docker.io/certbot/certbot:{{ services_service_deploy_versions.certbot }} -f`
Use systemd unit file specifiers where possible 2023-11-11 17:35:09 +01:00			`ExecStop=/usr/bin/podman stop --ignore --cidfile %t/%N.ctr-id -t 10`
			`ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/%N.ctr-id`
			`PIDFile=%t/%N.pid`
Move certbot to daemonised container 2023-11-10 11:19:08 +01:00			`Type=forking`

			`[Install]`
			`WantedBy=multi-user.target default.target`