| Marc-Antoine Perennou | f825580 | 2013-02-13 09:28:50 +0100 | [diff] [blame] | 1 | [Unit] |
| 2 | Description=HAProxy Load Balancer |
| 3 | After=network.target |
| 4 | |
| 5 | [Service] |
| Apollon Oikonomopoulos | b060148 | 2019-05-06 13:00:52 +0200 | [diff] [blame] | 6 | EnvironmentFile=-/etc/default/haproxy |
| William Lallemand | eaa4555 | 2019-05-07 14:00:33 +0200 | [diff] [blame] | 7 | EnvironmentFile=-/etc/sysconfig/haproxy |
| Tim Duesterhus | eaa4b8a | 2019-05-06 13:00:53 +0200 | [diff] [blame] | 8 | Environment="CONFIG=/etc/haproxy/haproxy.cfg" "PIDFILE=/run/haproxy.pid" "EXTRAOPTS=-S /run/haproxy-master.sock" |
| Apollon Oikonomopoulos | b060148 | 2019-05-06 13:00:52 +0200 | [diff] [blame] | 9 | ExecStartPre=@SBINDIR@/haproxy -f $CONFIG -c -q $EXTRAOPTS |
| 10 | ExecStart=@SBINDIR@/haproxy -Ws -f $CONFIG -p $PIDFILE $EXTRAOPTS |
| 11 | ExecReload=@SBINDIR@/haproxy -f $CONFIG -c -q $EXTRAOPTS |
| Marc-Antoine Perennou | f825580 | 2013-02-13 09:28:50 +0100 | [diff] [blame] | 12 | ExecReload=/bin/kill -USR2 $MAINPID |
| Apollon Oikonomopoulos | 74f0169 | 2014-10-08 15:14:41 +0300 | [diff] [blame] | 13 | KillMode=mixed |
| Marc-Antoine Perennou | f825580 | 2013-02-13 09:28:50 +0100 | [diff] [blame] | 14 | Restart=always |
| Vincent Bernat | 3b479bd | 2018-06-22 20:57:03 +0200 | [diff] [blame] | 15 | SuccessExitStatus=143 |
| Tim Duesterhus | d6942c8 | 2017-11-20 15:58:35 +0100 | [diff] [blame] | 16 | Type=notify |
| Marc-Antoine Perennou | f825580 | 2013-02-13 09:28:50 +0100 | [diff] [blame] | 17 | |
| Tim Duesterhus | 1ce8de2 | 2018-02-27 20:19:03 +0100 | [diff] [blame] | 18 | # The following lines leverage SystemD's sandboxing options to provide |
| 19 | # defense in depth protection at the expense of restricting some flexibility |
| 20 | # in your setup (e.g. placement of your configuration files) or possibly |
| 21 | # reduced performance. See systemd.service(5) and systemd.exec(5) for further |
| 22 | # information. |
| 23 | |
| Tim Duesterhus | 8a96592 | 2018-02-27 20:19:04 +0100 | [diff] [blame] | 24 | # NoNewPrivileges=true |
| 25 | # ProtectHome=true |
| 26 | # If you want to use 'ProtectSystem=strict' you should whitelist the PIDFILE, |
| 27 | # any state files and any other files written using 'ReadWritePaths' or |
| 28 | # 'RuntimeDirectory'. |
| 29 | # ProtectSystem=true |
| 30 | # ProtectKernelTunables=true |
| 31 | # ProtectKernelModules=true |
| 32 | # ProtectControlGroups=true |
| Tim Duesterhus | 2788a39 | 2018-02-27 20:19:05 +0100 | [diff] [blame] | 33 | # If your SystemD version supports them, you can add: @reboot, @swap, @sync |
| 34 | # SystemCallFilter=~@cpu-emulation @keyring @module @obsolete @raw-io |
| Tim Duesterhus | 8a96592 | 2018-02-27 20:19:04 +0100 | [diff] [blame] | 35 | |
| Marc-Antoine Perennou | f825580 | 2013-02-13 09:28:50 +0100 | [diff] [blame] | 36 | [Install] |
| 37 | WantedBy=multi-user.target |