ansible-edda/playbooks/roles/services/deploy/rproxy/templates/systemd/pod-rproxy-nginx.service

46 lines
2.2 KiB
Desktop File

[Unit]
Description=Podman pod-{{ services_service_name }}-nginx.service
Documentation=man:podman-generate-systemd(1)
Wants=network.target
After=network-online.target
BindsTo=pod-{{ services_service_name }}.service
After=pod-{{ services_service_name }}.service
Wants=pod-{{ services_service_name }}-certbot.service
Before=pod-{{ services_service_name }}-certbot.service
OnFailure=status-mail@%n.service
[Service]
Environment=PODMAN_SYSTEMD_UNIT=%n
Restart=on-failure
TimeoutStopSec=70
ExecStartPre=/usr/bin/sh -c 'echo resolver $(awk '\''BEGIN{ORS=" "} $1=="nameserver" {print $2}'\'' {{ system_etc_root_directory }}/resolv.conf) ";" > %t/resolver.conf'
ExecStartPre=/bin/rm -f %t/pod-{{ services_service_name }}-nginx.pid %t/pod-{{ services_service_name }}-nginx.ctr-id
ExecStart=/usr/bin/podman run \
--conmon-pidfile %t/pod-{{ services_service_name }}-nginx.pid \
--cidfile %t/pod-{{ services_service_name }}-nginx.ctr-id \
--cgroups=no-conmon \
--pod-id-file %t/pod-{{ services_service_name }}.pod-id \
--replace \
--label "io.containers.autoupdate=image" \
--log-driver=journald \
-dt \
-v {{ system_etc_root_directory }}/resolv.conf:/etc/resolv.conf:ro \
-v ./.config/service/hosts:/etc/hosts:ro \
-v %t/resolver.conf:/etc/nginx/resolver.conf:ro \
-v ./.config/service/nginx.conf:/etc/nginx/nginx.conf:ro \
-v ./.config/service/stream.conf:/etc/nginx/stream.conf:ro \
-v ./.config/service/nginx-conf.d:/etc/nginx/conf.d:ro \
-v ./.config/service/dhparam.pem:/etc/ssl/certs/dhparam.pem:ro \
-v {{ services_data_directory }}/{{ services_service_user_name }}/etc-letsencrypt/_data:/etc/letsencrypt:ro \
-v var-lib-letsencrypt:/var/lib/letsencrypt:ro \
-v var-www-html:/var/www/html \
--name=pod-{{ services_service_name }}-nginx \
docker.io/library/nginx:{{ services_service_deploy_versions.nginx }}
ExecStop=/usr/bin/podman stop --ignore --cidfile %t/pod-{{ services_service_name }}-nginx.ctr-id -t 10
ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/pod-{{ services_service_name }}-nginx.ctr-id
PIDFile=%t/pod-{{ services_service_name }}-nginx.pid
Type=forking
[Install]
WantedBy=multi-user.target default.target