2018-05-15 02:28:16 -04:00
|
|
|
{%- from statepath + '/map.jinja' import vault with context -%}
|
2017-04-24 10:48:25 -04:00
|
|
|
[Unit]
|
|
|
|
Description=vault server
|
|
|
|
Requires=network-online.target
|
2018-05-15 02:13:54 -04:00
|
|
|
After=network-online.target{% if vault.config.storage and vault.config.storage.type == "consul" %} consul.service{% endif %}
|
2017-04-24 10:48:25 -04:00
|
|
|
|
|
|
|
[Service]
|
|
|
|
EnvironmentFile=-/etc/sysconfig/vault
|
2018-05-15 02:13:54 -04:00
|
|
|
User={{ user }}
|
|
|
|
Group={{ group }}
|
|
|
|
ExecStart=/usr/local/bin/vault server {% if vault.config.dev_mode %}-dev{% else %}-config="/etc/vault.d/config.hcl"{% endif %}
|
2018-05-15 00:42:18 -04:00
|
|
|
ExecReload=/bin/kill -signal HUP $MAINPID
|
|
|
|
ExecStop=/usr/local/bin/vault operator step-down
|
|
|
|
Restart=on-failure
|
|
|
|
CapabilityBoundingSet=CAP_SYSLOG CAP_IPC_LOCK
|
|
|
|
SecureBits=keep-caps
|
|
|
|
NoNewPrivileges=yes
|
|
|
|
KillSignal=SIGINT
|