initial commit for ansible haproxy role
This commit is contained in:
Michael Rennecke
36
roles/haproxy/files/haproxy.service
Normal file
36
roles/haproxy/files/haproxy.service
Normal file
@@ -0,0 +1,36 @@
|
||||
[Unit]
|
||||
Description=HAProxy Load Balancer
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Environment="CONFIG=/etc/haproxy/haproxy.cfg" "PIDFILE=/run/haproxy.pid"
|
||||
ExecStartPre=/usr/local/bin/haproxy -f $CONFIG -c -q
|
||||
ExecStart=/usr/local/bin/haproxy -Ws -f $CONFIG -p $PIDFILE
|
||||
ExecReload=/usr/local/bin/haproxy -f $CONFIG -c -q
|
||||
ExecReload=/bin/kill -USR2 $MAINPID
|
||||
KillMode=mixed
|
||||
Restart=always
|
||||
SuccessExitStatus=143
|
||||
Type=notify
|
||||
|
||||
# The following lines leverage SystemD's sandboxing options to provide
|
||||
# defense in depth protection at the expense of restricting some flexibility
|
||||
# in your setup (e.g. placement of your configuration files) or possibly
|
||||
# reduced performance. See systemd.service(5) and systemd.exec(5) for further
|
||||
# information.
|
||||
|
||||
# NoNewPrivileges=true
|
||||
# ProtectHome=true
|
||||
# If you want to use 'ProtectSystem=strict' you should whitelist the PIDFILE,
|
||||
# any state files and any other files written using 'ReadWritePaths' or
|
||||
# 'RuntimeDirectory'.
|
||||
# ProtectSystem=true
|
||||
# ProtectKernelTunables=true
|
||||
# ProtectKernelModules=true
|
||||
# ProtectControlGroups=true
|
||||
# If your SystemD version supports them, you can add: @reboot, @swap, @sync
|
||||
# SystemCallFilter=~@cpu-emulation @keyring @module @obsolete @raw-io
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
Reference in New Issue
Block a user