Difference between revisions of "Systemd/Services"

From ArchWiki
Jump to: navigation, search
(tmux)
(redirect empty page marked for deletion, see also talk page)
 
(146 intermediate revisions by 40 users not shown)
Line 1: Line 1:
{{Lowercase title}}
+
#REDIRECT [[Systemd]]
[[Category:Daemons and system services]]
 
[[Category:Boot process]]
 
{{Article summary start}}
 
{{Article summary heading|Related}}
 
{{Article summary wiki|systemd}}
 
{{Article summary end}}
 
 
 
This page is useful to publish [[systemd]] service files that are missing in the appropriate package in the repositories. These files can be copied from other distributions or created by yourself.
 
 
 
== Change name of wireless interface ==
 
 
 
For those rare occasions where this is necessary.
 
{{hc|/etc/iftab|<nowiki>
 
wlan* mac [mac-address]</nowiki>}}
 
Replace [mac-address] with the one corresponding to the networking hardware.
 
 
 
{{hc|/etc/systemd/system/fix-wireless-interface.service|<nowiki>
 
[Unit]
 
Description=Changes the wireless interface eth1 to the proper wlan*
 
Wants=network.target
 
Before=network.target
 
 
[Service]
 
Type=oneshot
 
ExecStart=/usr/sbin/ifrename -c /etc/iftab
 
 
[Install]
 
WantedBy=multi-user.target</nowiki>}}
 
 
 
== dropbear ==
 
{{hc|/etc/systemd/system/dropbear.service|
 
<nowiki>
 
[Unit]
 
Description=Dropbear SSH server
 
 
 
[Service]
 
Type=oneshot
 
ExecStart=/usr/sbin/dropbear -p 22 -d /etc/dropbear/dropbear_dss_host_key -w -P /var/run/dropbear.pid
 
RemainAfterExit=yes
 
 
 
[Install]
 
WantedBy=multi-user.target
 
 
 
</nowiki>}}
 
 
 
== IPv6 (Hurricane Electric) ==
 
{{hc|/etc/systemd/system/he-ipv6.service|<nowiki>
 
 
 
[Unit]
 
Description=he.net IPv6 tunnel
 
After=network.target
 
 
 
[Service]
 
Type=oneshot
 
RemainAfterExit=yes
 
ExecStart=/sbin/ip tunnel add he-ipv6 mode sit remote 209.51.161.14 local <local IPv4> ttl 255
 
ExecStart=/sbin/ip link set he-ipv6 up mtu 1480
 
ExecStart=/sbin/ip addr add <local IPv6>/64 dev he-ipv6
 
ExecStart=/sbin/ip -6 route add ::/0 dev he-ipv6
 
ExecStop=/sbin/ip -6 route del ::/0 dev he-ipv6
 
ExecStop=/sbin/ip link set he-ipv6 down
 
ExecStop=/sbin/ip tunnel del he-ipv6
 
 
 
[Install]
 
WantedBy=multi-user.target
 
 
 
</nowiki>}}
 
 
 
== Logmein Hamachi ==
 
{{hc|/etc/systemd/system/logmein-hamachi.service|<nowiki>
 
[Unit]
 
Description=LogMeIn Hamachi daemon
 
After=local-fs.target network.target
 
 
 
[Service]
 
ExecStart=/opt/logmein-hamachi/bin/hamachid
 
Type=forking
 
 
 
[Install]
 
WantedBy=multi-user.target
 
</nowiki>}}
 
 
 
== Filesystem mounts ==
 
''See: [[Systemd#Filesystem_mounts]]''
 
 
 
== screen ==
 
Autostarts screen for the specified user. (e.g. `systemctl enable screen@florian.service`)
 
{{hc|/etc/systemd/system/screen@.service|<nowiki>
 
[Unit]
 
Description=screen
 
After=network.target
 
 
 
[Service]
 
Type=forking
 
User=%i
 
ExecStart=/usr/bin/screen -dmS autoscreen
 
ExecStop=/usr/bin/screen -S autoscreen -X quit
 
 
 
[Install]
 
WantedBy=multi-user.target</nowiki>}}
 
 
 
== Static Ethernet network ==
 
 
 
This is a custom service file for static Ethernet configurations.
 
{{hc|/etc/conf.d/network|<nowiki>
 
interface=eth0
 
address=192.168.0.1
 
netmask=24
 
broadcast=192.168.0.255
 
gateway=192.168.0.254</nowiki>}}
 
 
 
{{hc|/etc/systemd/system/network.service|<nowiki>
 
[Unit]
 
Description=Network Connectivity
 
Wants=network.target
 
Before=network.target
 
BindsTo=sys-subsystem-net-devices-${interface}.device
 
After=sys-subsystem-net-devices-${interface}.device
 
 
 
 
 
[Service]
 
Type=oneshot
 
RemainAfterExit=yes
 
EnvironmentFile=/etc/conf.d/network
 
ExecStart=/sbin/ip link set dev ${interface} up
 
ExecStart=/sbin/ip addr add ${address}/${netmask} broadcast ${broadcast} dev ${interface}
 
ExecStart=/sbin/ip route add default via ${gateway}
 
 
 
ExecStop=/sbin/ip addr flush dev ${interface}
 
ExecStop=/sbin/ip link set dev ${interface} down
 
 
 
[Install]
 
WantedBy=multi-user.target</nowiki>}}
 
 
 
== Set network interface in promiscuous mode ==
 
{{hc|/etc/systemd/system/promiscuous@.service|<nowiki>
 
[Unit]
 
Description=Set %i interface in promiscuous mode
 
 
 
[Service]
 
Type=oneshot
 
ExecStart=/usr/sbin/ip link set dev %i promisc on
 
RemainAfterExit=yes
 
 
 
[Install]
 
WantedBy=multi-user.target
 
</nowiki>}}
 
 
 
If you want to enable promiscuous mode on interface {{ic|1=eth0}} run:
 
 
 
  # systemctl enable promiscuous@eth0.service
 
 
 
==shellinaboxd==
 
[http://code.google.com/p/shellinabox/]: "Shell In A Box implements a web server that can export arbitrary command line tools to a web based terminal emulator."
 
{{hc|/etc/systemd/system/shellinabox.service (do not name it shellinaboxd.service if you installed it from AUR) |<nowiki>
 
[Unit]
 
Description=Serve a login-terminal over http on  port 4200.
 
Required=sshd.service
 
After=sshd.service
 
 
 
[Service]
 
User=root
 
Type=forking
 
ExecStart=/usr/bin/shellinaboxd -s/:SSH -b -p 4200 -c /tmp --css=/usr/share/doc/shellinabox/white-on-black.css
 
ExecReload=/bin/kill -HUP $MAINPID
 
KillMode=process
 
Restart=on-abort
 
 
 
[Install]
 
WantedBy=multi-user.target
 
</nowiki>}}
 
 
 
==tmux==
 
Starts tmux for specified user (eg. tmux@main-user.service)
 
{{hc|/etc/systemd/system/tmux@.service|<nowiki>
 
[Unit]
 
Description=Start tmux in detached session
 
 
 
[Service]
 
Type=forking
 
ExecStart=/usr/bin/tmux new-session -s %u -d
 
ExecStop=/usr/bin/tmux kill-session -t %u
 
User=%I
 
KillMode=none
 
 
 
[Install]
 
WantedBy=multi-user.target
 
</nowiki>}}
 
 
 
== tpfand ==
 
{{hc|/etc/systemd/system/tpfand.service|<nowiki>
 
[Unit]
 
Description=ThinkPad Fan Control
 
 
 
[Service]
 
Type=forking
 
PIDFile=/var/run/tpfand.pid
 
ExecStart=/usr/sbin/tpfand
 
 
 
[Install]
 
WantedBy=multi-user.target
 
</nowiki>}}
 
 
 
== truecrypt volume setup==
 
This service employ truecrypt as a mapper only and requires you to create an entry in fstab to mount the mapped & unencrypted device to your desired mountpoint like for instance so:
 
{{hc|/etc/fstab|<nowiki>
 
/dev/mapper/truecrypt1  /home/          ext4 defaults        0      2</nowiki>}}
 
 
 
The {{ic|2}} means your fs will be fscked regularly.
 
 
 
{{hc|/usr/lib/systemd/system/truecrypt@.service|<nowiki>
 
[Unit]
 
Description=Truecrypt Setup for %I
 
DefaultDependencies=no
 
Conflicts=umount.target
 
Before=umount.target
 
After=systemd-readahead-collect.service systemd-readahead-replay.service
 
 
 
[Service]
 
RemainAfterExit=yes
 
StandardInput=tty-force
 
ExecStart=/usr/bin/truecrypt --filesystem=none %I
 
ExecStop=/usr/bin/truecrypt --filesystem=none -d %I
 
 
 
[Install]
 
WantedBy=cryptsetup.target</nowiki>}}
 
 
 
If your encrypted volume is {{ic|1=/dev/sda2}}, you would enable the service with this command:
 
# systemctl enable truecrypt@dev-sda2.service
 
 
 
{{Note|1=Although it works, this service should stil be considered experimental, there might be better solutions to use truecrypt with systemd. If you use mpd or any other programme that needs to access the encrypted filesystem, put it into the  line starting with {{ic|1=Before=}}. Cheers to dgbaley27 for basically writing this! Improvements welcome!}}
 
 
 
{{Note|This way of doing it (specifically the use of tty-force) is not recommended according to [http://lists.freedesktop.org/archives/systemd-devel/2012-October/006905.html this thread], which suggests an alternative approach similar to that taken for LUKS.}}
 
 
 
== truecrypt (mount encrypted fs) ==
 
{{hc|/etc/systemd/system/multi-user.target/truecrypt-mount.service|<nowiki>
 
[Unit]
 
Description=Mount Truecrypt-encrypted filesystems
 
ConditionFileIsExecutable=/usr/bin/truecrypt
 
#Requires=truecrypt-unmount.service
 
#Before=mpd.service
 
 
[Service]
 
Type=oneshot
 
ExecStart=/usr/bin/truecrypt -t /dev/sdXY /MOUNTPOINT
 
StandardInput=tty-force
 
RemainAfterExit=yes
 
 
[Install]
 
WantedBy=multi-user.target
 
#Also=truecrypt-unmount.service
 
</nowiki>}}
 
 
 
{{Note|1=Gleaned  from [https://bbs.archlinux.org/viewtopic.php?pid=1163760#p1163760 bpont on the forums]. If you use mpd and have your music dir in ~, uncomment {{ic|1=Before=mpd.service}}, which takes care that mpd is started after this script. If you also use {{ic|1=truecrypt-unmount.service}} (see next service) uncomment the {{ic|1=Requires=truecrypt-unmount.service}} and {{ic|1=Also=truecrypt-unmount.service}} so it gets installed and activated by systemd automatically when using this script.}}
 
 
 
== truecrypt (unmount encrypted fs) ==
 
{{hc|/etc/systemd/system/multi-user/truecrypt-unmount.service|<nowiki>
 
[Unit]
 
Description=Truecrypt unmount on shutdown, poweroff, reboot, system halt
 
Before=local-fs-pre.target
 
#Before=mpd.service
 
ConditionPathExistsGlob=/media/truecrypt*
 
DefaultDependencies=no
 
 
 
[Service]
 
Type=oneshot
 
ExecStart=/usr/bin/truecrypt -d
 
TimeoutSec=5
 
StandardInput=tty
 
 
 
[Install]
 
WantedBy=shutdown.target reboot.target halt.target poweroff.target
 
</nowiki>}}
 
 
 
{{Note|1=I don't know if this works yet. It may be necessary to replace {{ic|1=TimeoutSec=5}} with {{ic|1=ExecStart=sleep 5}}. If you use {{ic|mpd}}, make sure to uncomment {{ic|1=Before=mpd.service}} to make sure this service is executed after mpd is closed down (different order during the shutdown of processes than during start up!). Script gleaned from [https://bbs.archlinux.org/viewtopic.php?pid=1163334#p1163334 tladuke on the forums].}}
 
 
 
== MPD Socket Activation ==
 
If the following mpd.socket file is enabled while mpd.service (provided by {{Pkg|mpd}}) is disabled, systemd will not start mpd immediately, but it will listen on the appropriate sockets.  When an mpd client attempts to connect on one of those sockets, systemd will start mpd.service and transparently hand over control of those ports to the mpd process.
 
 
 
If you prefer to listen on different UNIX sockets or network ports (even multiple sockets of each type), or if you prefer not to listen on network ports at all, you should add/edit/remove the appropriate "ListenStream=" lines in the [Socket] section of mpd.socket ''AND'' modify the appropriate lines /etc/mpd.conf (see "man 5 mpd.conf" for more details).
 
 
 
If you use different (even multiple) network or local sockets, or prefer not to use network sockets at all, simply add, change, or remove lines beginning with "ListenStream=" in the [Socket] section.
 
{{hc|/usr/lib/systemd/system/mpd.socket|<nowiki>
 
[Unit]
 
Description=Music Player Daemon Sockets
 
 
 
[Socket]
 
ListenStream=/var/run/mpd/socket
 
ListenStream=6600
 
 
 
[Install]
 
WantedBy=sockets.target
 
</nowiki>}}
 
 
 
== VideoLAN 2.0 ==
 
Change the '''User''' parameter.
 
 
 
{{hc|/etc/systemd/system/vlc.service|<nowiki>
 
[Unit]
 
Description=VideoOnLAN Service
 
After=network.target
 
 
 
[Service]
 
Type=forking
 
User=nobody
 
ExecStart=/usr/bin/cvlc --intf=lua --lua-intf=http --daemon --http-port 8090
 
Restart=on-abort
 
 
 
[Install]
 
WantedBy=multi-user.target
 
</nowiki>}}
 
 
 
== Xvfb ==
 
Change the '''User'''/'''Group''' parameters.
 
{{hc|/etc/systemd/system/xinit.service|<nowiki>
 
[Unit]
 
Description=xinit with xvfb
 
After=network.target
 
 
 
[Service]
 
User=bitlbee
 
Group=bitlbee
 
ExecStart=/usr/bin/xvfb-run bash %h/.xinitrc
 
 
 
[Install]
 
WantedBy=multi-user.target
 
</nowiki>}}
 
 
 
== Nexus ==
 
This is for Sonatype's Nexus OSS Artifact Repository.
 
{{AUR|nexus2}} is in the [[AUR]].
 
 
 
{{hc|/etc/systemd/system/nexus.service|<nowiki>
 
[Unit]
 
Description=Nexus OSS Artifact Repository
 
 
 
[Service]
 
Type=forking
 
EnvironmentFile=-/etc/conf.d/nexus
 
ExecStart=/opt/nexus/bin/nexus start
 
ExecStop=/opt/nexus/bin/nexus stop
 
ExecReload=/opt/nexus/bin/nexus restart
 
PIDFile=/opt/nexus/run/nexus.pid
 
 
 
[Install]
 
WantedBy=multi-user.target
 
</nowiki>}}
 
 
 
== Gitlab ==
 
 
 
{{hc|/etc/systemd/system/gitlab.service|<nowiki>
 
[Unit]
 
Description=Self Hosted Git Management
 
Requires=postgresql.service redis.service
 
After=postgresql.service redis.service
 
Wants=postfix.service gitlab-worker.service
 
 
 
[Service]
 
Type=forking
 
User=gitlab
 
WorkingDirectory=/home/gitlab/gitlab
 
ExecStart=/home/gitlab/gitlab/script/rails server -d -e production
 
PIDFile=/home/gitlab/gitlab/tmp/pids/server.pid
 
 
 
[Install]
 
WantedBy=multi-user.target
 
</nowiki>}}
 
 
 
{{hc|/etc/systemd/system/gitlab-worker.service|<nowiki>
 
[Unit]
 
Description=Gitlab Resque Worker
 
Requires=redis.service
 
After=redis.service
 
Wants=postfix.service postgresql.service
 
 
 
[Service]
 
Type=forking
 
User=gitlab
 
WorkingDirectory=/home/gitlab/gitlab
 
ExecStart=/bin/bash -c '. ~/.bashrc; . ./resque.sh'
 
ExecStopPost=/usr/bin/rm /home/gitlab/gitlab/tmp/pids/resque_worker.pid
 
PIDFile=/home/gitlab/gitlab/tmp/pids/resque_worker.pid
 
</nowiki>}}
 
 
 
== Cisco AnyConnect VPN ==
 
 
 
{{hc|/etc/systemd/system/ciscovpn.service|<nowiki>
 
[Unit]
 
Description=Cisco AnyConnect Secure Mobility Client Agent
 
Requires=network.target remote-fs.target
 
After=network.target remote-fs.target
 
 
 
[Service]
 
Type=forking
 
PIDFile=/var/run/vpnagentd.pid
 
ExecStart=/opt/cisco/anyconnect/bin/vpnagentd
 
ExecStop=/usr/bin/killall /opt/cisco/anyconnect/bin/vpnagentd
 
Restart=on-abort
 
 
 
[Install]
 
# one may want to use multi-user.target instead
 
WantedBy=graphical.target
 
</nowiki>}}
 
 
 
== Emacs Daemon ==
 
{{hc|/etc/systemd/system/emacs@.service|<nowiki>
 
[Unit]
 
Description=Emacs: the extensible, self-documenting text editor
 
 
 
[Service]
 
Type=forking
 
ExecStart=/usr/bin/emacs --daemon --chdir %h
 
ExecStop=/usr/bin/emacsclient --eval "(progn (setq kill-emacs-hook 'nil) (kill-emacs))"
 
Restart=always
 
User=%i
 
 
 
[Install]
 
WantedBy=multi-user.target
 
</nowiki>}}
 
 
 
Then, to enable the unit for your user:
 
 
 
# systemctl enable emacs@<username>
 
# systemctl start emacs@<username>
 
 
 
Source: [http://www.emacswiki.org/emacs/EmacsAsDaemon#toc8 EmacsWiki].
 
 
 
== Monkey http server deamon ==
 
{{hc|/etc/systemd/system/monkey.service|<nowiki>
 
[Unit]
 
Description=Monkey http server deamon
 
After=network.target
 
 
 
[Service]
 
Type=forking
 
ExecStart=/YOUR/PATH/TO/monkey/bin/monkey -D
 
ExecStop=/bin/kill $MAINPID
 
ExecReload=/bin/kill $MAINPID ; /YOUR/PATH/TO/monkey/bin/monkey -D
 
PIDFile=/YOUR/PATH/TO/monkey/monkey.pid.80
 
 
 
[Install]
 
WantedBy=multi-user.target
 
</nowiki>}}
 
 
 
{{Note|1= Replace /YOUR/PATH/TO entries with the path to monkey on your system}}
 
{{Note|1= PIDFile= entry should point to pidfile location specified in your monkey config file. The configured port number should be appended to the filename}}
 
{{Note|1=Gist available at: [git://gist.github.com/4238052.git github].}}
 
 
 
== VirtualBox virtual machines ==
 
 
 
{{hc|/etc/systemd/system/vboxvmservice@.service|<nowiki>
 
[Unit]
 
Description=VBox Virtual Machine %i Service
 
Requires=systemd-modules-load.service
 
After=systemd-modules-load.service
 
 
 
[Service]
 
User=user
 
Group=vboxusers
 
ExecStart=/usr/bin/VBoxHeadless -s %i
 
ExecStop=/usr/bin/VBoxManage controlvm %i savestate
 
 
 
[Install]
 
WantedBy=multi-user.target
 
</nowiki>}}
 
 
 
{{Note|1= Each virtual machine has its own service. Replace user with a user that is a member of the vboxusers group.
 
systemctl enable vboxvmservice@<vm name>.service
 
systemctl start vboxvmservice@<vm name>.service}}
 
{{Note|1=As of VirtualBox 4.2 there is another way to get virtual machines going: http://lifeofageekadmin.com/how-to-set-your-virtualbox-vm-to-automatically-startup/ Please edit the [[VirtualBox]] page if you figure it out.}}
 
 
 
== redmine ==
 
{{hc|/etc/systemd/system/redmine.service|<nowiki>
 
[Unit]
 
Description=Redmine server
 
After=syslog.target
 
After=network.target
 
 
 
[Service]
 
Type=simple
 
User=redmine2
 
Group=redmine2
 
Environment=GEM_HOME=/home/redmine2/.gem/
 
ExecStart=/usr/bin/ruby /usr/share/webapps/redmine/script/rails server webrick -e production
 
 
 
# Give a reasonable amount of time for the server to start up/shut down
 
TimeoutSec=300
 
 
 
[Install]
 
WantedBy=multi-user.target
 
</nowiki>}}
 
 
 
== See also ==
 
 
 
* [[Pacman_Tips#Backing_up_Local_database_with_Systemd|Backing up Local Pacman database with Systemd]]
 
* [[systemd]]
 
* [http://en.gentoo-wiki.com/wiki/Systemd systemd at gentoo wiki]
 

Latest revision as of 14:34, 15 May 2015

Redirect to: