aboutsummaryrefslogtreecommitdiffstats
path: root/fdio.infra.ansible/roles/vault/templates/vault_systemd.service.j2
diff options
context:
space:
mode:
Diffstat (limited to 'fdio.infra.ansible/roles/vault/templates/vault_systemd.service.j2')
-rw-r--r--fdio.infra.ansible/roles/vault/templates/vault_systemd.service.j230
1 files changed, 30 insertions, 0 deletions
diff --git a/fdio.infra.ansible/roles/vault/templates/vault_systemd.service.j2 b/fdio.infra.ansible/roles/vault/templates/vault_systemd.service.j2
new file mode 100644
index 0000000000..5d2ca78b2e
--- /dev/null
+++ b/fdio.infra.ansible/roles/vault/templates/vault_systemd.service.j2
@@ -0,0 +1,30 @@
+[Unit]
+Description=Vault
+Documentation=https://www.vaultproject.io/docs/
+Requires=network-online.target
+After=network-online.target
+
+[Service]
+User={{ vault_user }}
+Group={{ vault_group }}
+ProtectSystem=full
+ProtectHome=read-only
+PrivateTmp=yes
+PrivateDevices=yes
+NoNewPrivileges=yes
+ExecReload=/bin/kill -HUP $MAINPID
+ExecStart={{ vault_bin_dir }}/vault {{ vault_node_role }} -config={{ vault_config_dir }}
+KillMode=process
+KillSignal=SIGINT
+Restart=on-failure
+RestartSec=5
+TimeoutStopSec=30
+StartLimitInterval=60
+StartLimitBurst=3
+LimitNOFILE=524288
+LimitNPROC=524288
+LimitMEMLOCK=infinity
+LimitCORE=0
+
+[Install]
+WantedBy=multi-user.target \ No newline at end of file