Defined Type: systemd::manage_unit

Defined in:
manifests/manage_unit.pp

Summary

Generate unit file from template

Overview

Examples:

Generate a service

systemd::manage_unit { 'myrunner.service':
  unit_entry    => {
    'Description' => 'My great service',
  },
  service_entry => {
    'Type'      => 'oneshot',
    'ExecStart' => '/usr/bin/doit.sh',
  },
  install_entry => {
    'WantedBy' => 'multi-user.target',
  },
}

Genenerate a path unit

systemd::manage_unit { 'passwd-mon.path':
  ensure        => present,
  unit_entry    => {
    'Description' => 'Monitor the passwd file',
  },
  path_entry    => {
    'PathModified' => '/etc/passwd',
    'Unit'         => 'passwd-mon.service',
  },
  install_entry => {
    'WantedBy' => 'multi-user.target',
  },
}

Generate a socket and service (xinetd style)

systemd::manage_unit {'arcd.socket':
  ensure        => 'present',
  unit_entry    => {
    'Description' => 'arcd.service',
  },
  socket_entry  => {
    'ListenStream' => 4241,
    'Accept'       => true,
    'BindIPv6Only' => 'both',
  },
  install_entry => {
    'WantedBy' => 'sockets.target',
  },
}

systemd::manage_unit{'arcd@.service':
  ensure        => 'present',
  enable        => true,
  active        => true,
  unit_entry    => {
    'Description'   => 'arc sever for %i',
  },
  service_entry => {
    'Type'          => 'simple',
    'ExecStart'     => /usr/sbin/arcd /usr/libexec/arcd/arcd.pl,
    'StandardInput' => 'socket',
  },
}

Mount a Filesystem and Use for a Service

systemd::manage_unit { 'var-lib-sss-db.mount':
  ensure      => present,
  unit_entry  => {
    'Description' => 'Mount sss tmpfs db',
  },
  mount_entry => {
    'What'    => 'tmpfs',
    'Where'   => '/var/lib/sss/db',
    'Type'    => 'tmpfs',
    'Options' => 'size=300M,mode=0700,uid=sssd,gid=sssd,rootcontext=system_u:object_r:sssd_var_lib_t:s0',
  },
}
systemd::manage_dropin { 'tmpfs-db.conf':
  ensure     => present,
  unit       => 'sssd.service',
  unit_entry => {
    'RequiresMountsFor' => '/var/lib/sss/db',
  },
}

Create and Mount a Swap File


systemd::manage_unit{'swapfile.swap':
  ensure        => present,
  enable        => true,
  active        => true,
  unit_entry    => {
    'Description' => 'Mount /swapfile as a swap file',
    'After'       => 'mkswap.service',
    'Requires'    => 'mkswap.service',
  },
  swap_entry    => {
    'What' => '/swapfile',
  },
  install_entry => {
    'WantedBy' => 'multi-user.target',
  },
  require       => Systemd::Manage_unit['mkswap.service'],
}
systemd::manage_unit{'mkswap.service':
  ensure        => present,
  unit_entry    => {
    'Description'         => 'Format a swapfile at /swapfile',
    'ConditionPathExists' => '!/swapfile',
  },
  service_entry => {
    'Type'      => 'oneshot',
    'UMask'     => '0177',
    'ExecStart' => [
      '/usr/bin/dd if=/dev/zero of=/swapfile bs=1024 count=1000',
      '/usr/sbin/mkswap /swapfile',
    ],
  },
}

Remove a unit file

systemd::manage_unit { 'my.service':
  ensure     => 'absent',
}

Parameters:

  • name (Pattern['^[^/]+\.(service|socket|device|mount|automount|swap|target|path|timer|slice|scope)$'])

    The target unit file to create

  • ensure (Enum['present', 'absent']) (defaults to: 'present')

    The state of the unit file to ensure

  • path (Stdlib::Absolutepath) (defaults to: '/etc/systemd/system')

    The main systemd configuration path

  • owner (String) (defaults to: 'root')

    The owner to set on the unit file

  • group (String) (defaults to: 'root')

    The group to set on the unit file

  • mode (Stdlib::Filemode) (defaults to: '0444')

    The mode to set on the unit file

  • show_diff (Boolean) (defaults to: true)

    Whether to show the diff when updating unit file

  • enable (Optional[Variant[Boolean, Enum['mask']]]) (defaults to: undef)

    If set, manage the unit enablement status

  • active (Optional[Boolean]) (defaults to: undef)

    If set, will manage the state of the unit

  • restart (Optional[String]) (defaults to: undef)

    Specify a restart command manually. If left unspecified, a standard Puppet service restart happens

  • selinux_ignore_defaults (Boolean) (defaults to: false)

    maps to the same param on the file resource for the unit. false in the module because it’s false in the file resource type

  • service_parameters (Hash[String[1], Any]) (defaults to: {})

    hash that will be passed with the splat operator to the service resource

  • daemon_reload (Boolean) (defaults to: true)

    call ‘systemd::daemon-reload` to ensure that the modified unit file is loaded

  • service_restart (Boolean) (defaults to: true)

    restart (notify) the service when unit file changed

  • unit_entry (Optional[Systemd::Unit::Unit]) (defaults to: undef)

    key value pairs for [Unit] section of the unit file.

  • slice_entry (Optional[Systemd::Unit::Slice]) (defaults to: undef)

    key value pairs for [Slice] section of the unit file

  • service_entry (Optional[Systemd::Unit::Service]) (defaults to: undef)

    key value pairs for [Service] section of the unit file.

  • install_entry (Optional[Systemd::Unit::Install]) (defaults to: undef)

    key value pairs for [Install] section of the unit file.

  • timer_entry (Optional[Systemd::Unit::Timer]) (defaults to: undef)

    key value pairs for [Timer] section of the unit file

  • path_entry (Optional[Systemd::Unit::Path]) (defaults to: undef)

    key value pairs for [Path] section of the unit file.

  • socket_entry (Optional[Systemd::Unit::Socket]) (defaults to: undef)

    kev value paors for [Socket] section of the unit file.

  • mount_entry (Optional[Systemd::Unit::Mount]) (defaults to: undef)

    kev value pairs for [Mount] section of the unit file.

  • swap_entry (Optional[Systemd::Unit::Swap]) (defaults to: undef)

    kev value pairs for [Swap] section of the unit file.

See Also:

  • systemdsystemd.unit(5)


158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
 
# File 'manifests/manage_unit.pp', line 158

define systemd::manage_unit (
  Enum['present', 'absent']                $ensure                  = 'present',
  Stdlib::Absolutepath                     $path                    = '/etc/systemd/system',
  String                                   $owner                   = 'root',
  String                                   $group                   = 'root',
  Stdlib::Filemode                         $mode                    = '0444',
  Boolean                                  $show_diff               = true,
  Optional[Variant[Boolean, Enum['mask']]] $enable                  = undef,
  Optional[Boolean]                        $active                  = undef,
  Optional[String]                         $restart                 = undef,
  Boolean                                  $selinux_ignore_defaults = false,
  Hash[String[1], Any]                     $service_parameters      = {},
  Boolean                                  $daemon_reload           = true,
  Boolean                                  $service_restart         = true,
  Optional[Systemd::Unit::Install]         $install_entry           = undef,
  Optional[Systemd::Unit::Unit]            $unit_entry              = undef,
  Optional[Systemd::Unit::Slice]           $slice_entry             = undef,
  Optional[Systemd::Unit::Service]         $service_entry           = undef,
  Optional[Systemd::Unit::Timer]           $timer_entry             = undef,
  Optional[Systemd::Unit::Path]            $path_entry              = undef,
  Optional[Systemd::Unit::Socket]          $socket_entry            = undef,
  Optional[Systemd::Unit::Mount]           $mount_entry             = undef,
  Optional[Systemd::Unit::Swap]            $swap_entry              = undef,
) {
  assert_type(Systemd::Unit, $name)

  if $timer_entry and $name !~ Pattern['^[^/]+\.timer'] {
    fail("Systemd::Manage_unit[${name}]: timer_entry is only valid for timer units")
  }

  if $path_entry and $name !~ Pattern['^[^/]+\.path'] {
    fail("Systemd::Manage_unit[${name}]: path_entry is only valid for path units")
  }

  if $socket_entry and $name !~ Pattern['^[^/]+\.socket'] {
    fail("Systemd::Manage_unit[${name}]: socket_entry is only valid for socket units")
  }

  if $slice_entry and $name !~ Pattern['^[^/]+\.slice'] {
    fail("Systemd::Manage_unit[${name}]: slice_entry is only valid for slice units")
  }

  if $mount_entry and $name !~ Pattern['^[^/]+\.mount'] {
    fail("Systemd::Manage_unit[${name}]: mount_entry is only valid for mount units")
  }

  if $swap_entry and $name !~ Pattern['^[^/]+\.swap'] {
    fail("Systemd::Manage_unit[${name}]: swap_entry is only valid for swap units")
  }

  if $ensure != 'absent' and  $name =~ Pattern['^[^/]+\.service'] and !$service_entry {
    fail("Systemd::Manage_unit[${name}]: service_entry is required for service units")
  }

  systemd::unit_file { $name:
    ensure                  => $ensure,
    path                    => $path,
    owner                   => $owner,
    group                   => $group,
    mode                    => $mode,
    show_diff               => $show_diff,
    enable                  => $enable,
    active                  => $active,
    selinux_ignore_defaults => $selinux_ignore_defaults,
    service_parameters      => $service_parameters,
    daemon_reload           => $daemon_reload,
    service_restart         => $service_restart,
    content                 => epp('systemd/unit_file.epp', {
        'unit_entry'    => $unit_entry,
        'slice_entry'   => $slice_entry,
        'service_entry' => $service_entry,
        'install_entry' => $install_entry,
        'timer_entry'   => $timer_entry,
        'path_entry'    => $path_entry,
        'socket_entry'  => $socket_entry,
        'mount_entry'   => $mount_entry,
        'swap_entry'    => $swap_entry,
    }),
  }
}