{{tag>SystemD Services}}

= SystemD service - exemples

Voir aussi :
* [[SystemD service script en boucle infinie respawn]]
* [[Notes Etherpad|Etherpad Démarrage automatique avec SystemD]]
* [[RedHat accès /var/log/mariadb/mariadb.log sans être root]]
* [[pb_podman_-_podman_system_migrate|Pb podman - podman system migrate - script_palliatif]]
* [[https://unix.stackexchange.com/questions/736189/difference-between-ubuntu-systemd-simpleoneshot-and-forking|Les différents types de service SystemD]]


== Diagnostic d'un service

Source : [[https://wiki.archlinux.org/title/Systemd_(Fran%C3%A7ais)#Diagnostic_d'un_service]]

Si un service systemd se comporte mal ou si vous souhaitez obtenir plus d'informations sur ce qui se passe, définissez la SYSTEMD_LOG_LEVEL {[variable d'environnement]] à SYSTEMD_LOG_LEVEL. [à debug. Par exemple, pour exécuter le daemon systemd-networkd en mode débogage :

Ajoutez un [[https://wiki.archlinux.org/title/Systemd_(Fran%C3%A7ais)#Fichiers_de_substitution|Fichiers de substitution]] pour le service en ajoutant les deux lignes :

<code ini>
[Service]
Environment=SYSTEMD_LOG_LEVEL=debug
</code>

Ou comme équivalent, définissez la variable d'environnement manuellement :
<code ->
# SYSTEMD_LOG_LEVEL=debug /lib/systemd/systemd-networkd
</code>

puis redémarrer systemd-networkd et regarder le journal du service avec l'option -f/--follow. 

== Exemple conf


=== Exemple conf proxy


''/etc/systemd/system/docker.service.d/http-proxy.conf''
<code ini>
[Service]
# Environment="HTTP_PROXY=http://192.168.56.1:3128/" "HTTPS_PROXY=http://192.168.56.1:3128/" "NO_PROXY=localhost,127.0.0.0/8,192.168.0.0/16,docker-1"
Environment="ALL_PROXY=http://192.168.56.1:3128/" "NO_PROXY=localhost,127.0.0.0/8,192.168.0.0/16,docker-1"

</code>

<code bash>
systemctl daemon-reload
systemctl show --property=Environment docker
systemctl restart docker
</code>


=== Désactiver un service si un fichier est présent

''/lib/systemd/system/systemd-timesyncd.service.d/disable-with-time-daemon.conf''
<code ini>
[Unit]
# don't run timesyncd if we have another NTP daemon installed
#ConditionFileIsExecutable=!/usr/sbin/VBoxService
</code>


=== Arguments utiles

<code ini>
Environment=NODE_ENV=production
</code>



=== Command systemd-run

https://blog.octo.com/5-services-que-systemd-ma-deja-rendu/
<code bash>
#systemd-run --user
systemd-run --on-active=10 /bin/bash -c "echo 'Bip!' >>'/var/log/spoutnik.log'
</code>

https://wiki.archlinux.org/index.php/Systemd/Timers
<code bash>
systemd-run --on-active="12h 30m" --unit someunit.service
</code>

https://www.systutorials.com/docs/linux/man/1-systemd-run/
<code bash>
systemd-run -p BlockIOWeight=10 updatedb
systemd-run --on-active=30 --timer-property=AccuracySec=100ms /bin/touch /tmp/foo
</code>


== Exemple

=== Exemple 1

Source : https://confluence.atlassian.com/confkb/run-confluence-as-a-systemd-service-on-linux-937177781.html

<code bash>
touch /lib/systemd/system/confluence.service
chmod 664 /lib/systemd/system/confluence.service
</code>

<code bash>
vi /lib/systemd/system/confluence.service
</code>


''/lib/systemd/system/confluence.service''
<code ini>
[Unit]
Description=Confluence
After=network.target

[Service]
Type=forking
User=confluence
PIDFile=/opt/atlassian/confluence/work/catalina.pid
ExecStart=/opt/atlassian/confluence/bin/start-confluence.sh
ExecStop=/opt/atlassian/confluence/bin/stop-confluence.sh
TimeoutSec=200
LimitNOFILE=2048
LimitNPROC=2048

[Install]
WantedBy=multi-user.target
</code>

Vérif syntax

<code bash>
systemd-analyze verify /lib/systemd/system/confluence.service
</code>

<code bash>
systemctl daemon-reload
systemctl enable confluence.service
systemctl start confluence.service
systemctl status confluence.service
</code>


=== Exemple 2

https://wiki.archlinux.org/index.php/Advanced_Format

''/etc/systemd/system/lcc_fix.service''
<code ini>
[Unit]
Description=WDIDLE3

[Service]
Type=oneshot
ExecStart=/usr/bin/hdparm -J 300 --please-destroy-my-drive /dev/sdX
TimeoutSec=0
StandardInput=tty
RemainAfterExit=yes
UMask=006

[Install]
WantedBy=multi-user.target
</code>


=== Exemple 3

Source : https://fabianlee.org/2017/05/21/golang-running-a-go-binary-as-a-systemd-service-on-ubuntu-16-04/

''/lib/systemd/system/sleepservice.service''
<code ini>
[Unit]
Description=Sleep service
ConditionPathExists=/home/ubuntu/work/src/sleepservice/sleepservice
After=network.target
 
[Service]
Type=simple
User=sleepservice
Group=sleepservice
LimitNOFILE=1024

Restart=on-failure
RestartSec=10
startLimitIntervalSec=60

WorkingDirectory=/home/ubuntu/work/src/sleepservice
ExecStart=/home/ubuntu/work/src/sleepservice/sleepservice --name=foo

# make sure log directory exists and owned by syslog
PermissionsStartOnly=true
ExecStartPre=/bin/mkdir -p /var/log/sleepservice
ExecStartPre=/bin/chown syslog:adm /var/log/sleepservice
ExecStartPre=/bin/chmod 755 /var/log/sleepservice
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=sleepservice
 
[Install]
WantedBy=multi-user.target
</code>

=== Exemple 4 - SystemD appelant un script sysV init

Exemple avec SonarQube

''/etc/systemd/system/sonar.service''
<code ini>
[Unit]
Description=Sonar 6
After=network.target network-online.target
Wants=network-online.target

[Service]
ExecStart=/home/sonar/sonarqube-6.7.1/bin/linux-x86-64/sonar.sh start
ExecStop=/home/sonar/sonarqube-6.7.1/bin/linux-x86-64/sonar.sh stop
ExecReload=/home/sonar/sonarqube-6.7.1/bin/linux-x86-64/sonar.sh restart
PIDFile=/home/sonar/sonarqube-6.7.1/bin/linux-x86-64/./SonarQube.pid
Type=forking
User=sonar

[Install]
WantedBy=multi-user.target
</code>


=== Exemple Jenkins slave agent


''Jenkins-agent.service''
<code ini>
[Unit]
Description=Jenkins Service
Wants=network.target
After=network.target

[Service]
ExecStart=/usr/bin/java -jar /home/user1/slave2.jar -jnlpUrl http://jenkins:8080/computer/SERVER01/slave-agent.jnlp
User=user1
Restart=always

[Install]
WantedBy=multi-user.target
</code>


=== Exemple Postgres

''/usr/local/lib/systemd/system/postgres_plop_rct.service''
<code ini>
[Unit]
Description=postgresql_plop_rct_service
After=network.target
AssertPathExists=!/etc/noprod

[Service]
Type=forking
User=postgres

#Disable OOM kill on postmaster
OOMScoreAdjust=-1000
Environment=PG_OOM_ADJUST_FILE=/proc/self/oom_score_adj
Environment=PG_OOM_ADJUST_VALUE=0

WorkingDirectory=/tools/list/postgres/script/bin
ExecStart=/tools/list/postgres/script/bin/rc_postgres.ksh start plop_rct
ExecStop=/tools/list/postgres/script/bin/rc_postgres.ksh stop plop_rct
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-abort
KillMode=mixed
KillSignal=SIGINT
TimeoutSec=0

[Install]
WantedBy=multi-user.target
</code>


=== Exemple AAP - Tirer des dépendances seulement


''/etc/systemd/system/automation-controller.service''
<code ini>
[Unit]
Description=Automation Controller service
After=network.target redis.service  nginx.service supervisord.service receptor.service
Wants=redis.service  nginx.service supervisord.service receptor.service

[Service]
Type=oneshot
RemainAfterExit=true
ExecStart=/bin/true

[Install]
WantedBy=multi-user.target
</code>


=== Exemple iptables-service de RedHat

''/usr/lib/systemd/system/iptables.service''
<code ini>
[Unit]
Description=IPv4 firewall with iptables
After=syslog.target
AssertPathExists=/etc/sysconfig/iptables

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/libexec/iptables/iptables.init start
ExecReload=/usr/libexec/iptables/iptables.init reload
ExecStop=/usr/libexec/iptables/iptables.init stop
Environment=BOOTUP=serial
Environment=CONSOLETYPE=serial
StandardOutput=syslog
StandardError=syslog

[Install]
WantedBy=basic.target
</code>


''/usr/libexec/iptables/iptables.init''
<code bash>
#!/bin/bash
#
# iptables      Start iptables firewall
#
# chkconfig: 2345 08 92
# description:  Starts, stops and saves iptables firewall
#
# config: /etc/sysconfig/iptables
# config: /etc/sysconfig/iptables-config
#
### BEGIN INIT INFO
# Provides: iptables
# Required-Start:
# Required-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: start and stop iptables firewall
# Description: Start, stop and save iptables firewall
### END INIT INFO

# Source function library.
. /etc/init.d/functions

#------------------------------------------------

case "$1" in
    start)
        [ -f "$VAR_SUBSYS_IPTABLES" ] && exit 0
        start
        RETVAL=$?
        ;;
    stop)
        [ "x$IPTABLES_SAVE_ON_STOP" = "xyes" ] && save
        stop
        RETVAL=$?
        ;;
    restart|force-reload)
        restart
        RETVAL=$?
        ;;
    reload)
        [ -e "$VAR_SUBSYS_IPTABLES" ] && reload
        RETVAL=$?
        ;;
    condrestart|try-restart)
        [ ! -e "$VAR_SUBSYS_IPTABLES" ] && exit 0
        restart
        restart
        RETVAL=$?
        ;;
    status)
        status
        RETVAL=$?
        ;;
    panic)
        set_policy DROP
        RETVAL=$?
        ;;
    save)
        save
        RETVAL=$?
        ;;
    *)
        echo $"Usage: ${IPTABLES} {start|stop|reload|restart|condrestart|status|panic|save}"
        RETVAL=2
        ;;
esac

exit $RETVAL
</code>


=== Exemple Nagios

''nagios4.service''
<code ini>
[Unit]
Description=nagios4
Documentation=man:nagios4

[Service]
Environment=NAGIOSCFG="/etc/nagios4/nagios.cfg"
EnvironmentFile=/etc/default/nagios4
ExecStartPre=sh -c 'nagiospipe=$$(sed -n "s/^command_file=\\(.*\\)/\\1/p" ${NAGIOSCFG}); [ -z "$${nagiospipe}" -o ! -e "$${nagiospipe}" ] || rm -f "$${nagiospipe}"'
ExecStart=/usr/sbin/nagios4 ${NAGIOSCFG}
ExecStopPost=sh -c 'nagiospipe=$$(sed -n "s/^command_file=\\(.*\\)/\\1/p" ${NAGIOSCFG}); [ -z "$${nagiospipe}" -o ! -e "$${nagiospipe}" ] || rm -f "$${nagiospipe}"'
ExecReload=/bin/kill -HUP $MAINPID
KillMode=mixed
PIDFile=/run/nagios4/nagios.pid

[Install]
WantedBy=multi-user.target
</code>