formula-vault/vault/files/vault_systemd.service.jinja

18 lines
661 B
Django/Jinja

{%- from "vault/map.jinja" import vault with context -%}
[Unit]
Description=vault server
Requires=network-online.target
After=network-online.target{% if vault.storage and vault.storage.type == "consul" %} consul.service{% endif %}
[Service]
EnvironmentFile=-/etc/sysconfig/vault
User={{ vault.user }}
Group={{ vault.group }}
ExecStart=/usr/local/bin/vault server {% if vault.dev_mode %}-dev{% else %}-config="/etc/vault.d/config.hcl"{% endif %}
ExecReload=/bin/kill -signal HUP $MAINPID
ExecStop=/usr/local/bin/vault operator step-down
Restart=on-failure
CapabilityBoundingSet=CAP_SYSLOG CAP_IPC_LOCK
SecureBits=keep-caps
NoNewPrivileges=yes
KillSignal=SIGINT