cloud-environments-example/roles/vault/templates/etc/systemd/system/vault.service.j2

[Unit]
# NOTE(review): the description says "agent", but ExecStart in [Service] runs
# "vault server" - confirm which wording is intended.
Description=Vault agent
# Requires= is a hard dependency: if network-online.target cannot be activated,
# this unit is not started. After= only orders this unit behind that target.
Requires=network-online.target
After=network-online.target
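[Service]
# Run as the dedicated, unprivileged account supplied by the role variables.
User={{ vault_usr }}
Group={{ vault_grp }}
# Filesystem sandbox: ProtectSystem=full mounts /usr, /boot, /efi and /etc
# read-only, ProtectHome=read-only does the same for home directories, and the
# service gets a private /tmp and a minimal private /dev.
# NOTE(review): any path Vault must write to (storage, PID file) has to live
# outside these read-only trees - confirm against the role's defaults.
ProtectSystem=full
ProtectHome=read-only
PrivateTmp=yes
PrivateDevices=yes
# CAP_IPC_LOCK allows the non-root process to lock memory (see LimitMEMLOCK
# below); it is handed over as an ambient capability.
# Capabilities= is deliberately absent: systemd removed that directive in v230
# and only logs a warning for it, and this unit already needs a newer systemd
# for the append: output targets at the end of this section.
SecureBits=keep-caps
AmbientCapabilities=CAP_IPC_LOCK
# NOTE(review): CAP_SYSLOG is in the bounding set but is not granted as an
# ambient capability, and NoNewPrivileges=yes blocks gaining it on exec -
# confirm it is needed, otherwise reduce the set to CAP_IPC_LOCK.
CapabilityBoundingSet=CAP_SYSLOG CAP_IPC_LOCK
NoNewPrivileges=yes
ExecStart={{ vault_link }}/vault server -config {{ vault_home }}/vault.conf.hcl
# Reload is a SIGHUP to the main process.
ExecReload=/bin/kill --signal HUP $MAINPID
# NOTE(review): step-down is an authenticated API call, and this unit sets no
# Environment= or EnvironmentFile= with an address or token, so the command
# presumably fails and the stop falls through to KillSignal - verify. Do not
# put a token into this unit file to make it succeed.
ExecStop={{ vault_link }}/vault operator step-down
# On stop only the main process receives the signal, and that signal is SIGINT.
KillMode=process
KillSignal=SIGINT
# No cap on locked memory (pairs with CAP_IPC_LOCK) and a raised open-file limit.
LimitMEMLOCK=infinity
LimitNOFILE=65536
# NOTE(review): no Type= is set, so the default (simple) applies and systemd
# tracks the ExecStart process itself; PIDFile= is mainly meant for
# Type=forking - confirm it is still required.
PIDFile={{ vault_pid }}
# Restart after failures only, waiting 5 seconds between attempts.
Restart=on-failure
RestartSec=5
# NOTE(review): with RestartSec=5 at most four starts fit into a 20 second
# window, so the burst limit of 5 is likely never reached and a crashing
# server is restarted indefinitely - confirm that this is intended.
# StartLimitInterval= is the legacy spelling; current systemd documents
# StartLimitIntervalSec= and StartLimitBurst= under [Unit].
StartLimitInterval=20
StartLimitBurst=5
TimeoutStartSec=30
# stdout and stderr are appended to plain files instead of the journal
# (append: needs systemd 240 or newer). Nothing in this unit rotates them;
# keep the log directory restricted to the service account and root.
StandardOutput=append:{{ vault_log }}/vault.log
StandardError=append:{{ vault_log }}/vault.err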
[Install]
# "systemctl enable" hooks the unit into multi-user.target, so it is started
# during a normal (non-rescue) boot.
WantedBy=multi-user.target