[Unit] Description=Podman %n Documentation=man:podman-generate-systemd(1) Wants=network.target After=network-online.target BindsTo=pod-{{ services_service_name }}.service After=pod-{{ services_service_name }}.service Wants=pod-{{ services_service_name }}-certbot.service Before=pod-{{ services_service_name }}-certbot.service OnFailure=status-mail@%n.service [Service] Environment=PODMAN_SYSTEMD_UNIT=%n Restart=on-failure TimeoutStopSec=70 ExecStartPre=/usr/bin/sh -c 'echo resolver $(awk '\''BEGIN{ORS=" "} $1=="nameserver" {print $2}'\'' {{ system_etc_root_directory }}/resolv.conf) ";" > %t/resolver.conf' ExecStartPre=/bin/rm -f %t/%N.pid %t/%N.ctr-id ExecStart=/usr/bin/podman run \ --conmon-pidfile %t/%N.pid \ --cidfile %t/%N.ctr-id \ --cgroups=no-conmon \ --pod-id-file %t/pod-{{ services_service_name }}.pod-id \ --replace \ --label "io.containers.autoupdate=image" \ --log-driver=journald \ -dt \ -v {{ system_etc_root_directory }}/resolv.conf:/etc/resolv.conf:ro \ -v ./.config/service/hosts:/etc/hosts:ro \ -v %t/resolver.conf:/etc/nginx/resolver.conf:ro \ -v ./.config/service/nginx.conf:/etc/nginx/nginx.conf:ro \ -v ./.config/service/stream.conf:/etc/nginx/stream.conf:ro \ -v ./.config/service/nginx-conf.d:/etc/nginx/conf.d:ro \ -v ./.config/service/dhparam.pem:/etc/ssl/certs/dhparam.pem:ro \ -v {{ services_data_directory }}/{{ services_service_user_name }}/etc-letsencrypt/_data:/etc/letsencrypt:ro \ -v var-lib-letsencrypt:/var/lib/letsencrypt:ro \ -v var-www-html:/var/www/html \ --name=%N \ docker.io/library/nginx:{{ services_service_deploy_versions.nginx }} ExecStop=/usr/bin/podman stop --ignore --cidfile %t/%N.ctr-id -t 10 ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/%N.ctr-id PIDFile=%t/%N.pid Type=forking [Install] WantedBy=multi-user.target default.target