From 3d1dead13b5f3d7674b98a3f8684686d8fbc681e Mon Sep 17 00:00:00 2001 From: Georg Date: Wed, 21 Jul 2021 12:47:30 +0200 Subject: [PATCH] Initial Systemd Service Run: 2/3 Signed-off-by: Georg --- systemd/calico.service | 12 ++++++++++++ systemd/confluence.service | 19 +++++++++++++++++++ systemd/dyndns-pdns.service | 15 +++++++++++++++ systemd/etherpad.service | 16 ++++++++++++++++ systemd/gitea.service | 21 +++++++++++++++++++++ systemd/kfcgi.service | 14 ++++++++++++++ systemd/litterbox@.service | 16 ++++++++++++++++ systemd/pounce@.service | 14 ++++++++++++++ systemd/shodan.service | 19 +++++++++++++++++++ systemd/xen-orchestra.service | 16 ++++++++++++++++ 10 files changed, 162 insertions(+) create mode 100644 systemd/calico.service create mode 100644 systemd/confluence.service create mode 100644 systemd/dyndns-pdns.service create mode 100644 systemd/etherpad.service create mode 100644 systemd/gitea.service create mode 100644 systemd/kfcgi.service create mode 100644 systemd/litterbox@.service create mode 100644 systemd/pounce@.service create mode 100644 systemd/shodan.service create mode 100644 systemd/xen-orchestra.service diff --git a/systemd/calico.service b/systemd/calico.service new file mode 100644 index 0000000..18bbbbf --- /dev/null +++ b/systemd/calico.service @@ -0,0 +1,12 @@ +[Unit] +Description=calico +Wants=network.target + +[Service] +User=pounce +Group=pounce +ExecStart=/usr/local/bin/calico -H irc.lsd.systems -P 6561 /var/run/calico +RuntimeDirectory=calico + +[Install] +WantedBy=multi-user.target diff --git a/systemd/confluence.service b/systemd/confluence.service new file mode 100644 index 0000000..9a479e2 --- /dev/null +++ b/systemd/confluence.service @@ -0,0 +1,19 @@ +[Unit] +Description = Confluence Server +After=syslog.target network.target + +[Service] +Type=forking +#Environment=CONFLUENCE_HOME=/opt/atlassian/homes/confluence +Environment=JAVA_HOME=/opt/jdk +PermissionsStartOnly=true +User=confluence +Group=atlassian +ExecStart=/opt/confluence/bin/startup.sh +ExecStop=/opt/confluence/bin/shutdown.sh +TimeoutStartSec=120 +TimeoutStopSec=600 +PrivateTmp=true + +[Install] +WantedBy = multi-user.target diff --git a/systemd/dyndns-pdns.service b/systemd/dyndns-pdns.service new file mode 100644 index 0000000..7175bfe --- /dev/null +++ b/systemd/dyndns-pdns.service @@ -0,0 +1,15 @@ +[Unit] +Description=Dynamic DNS Collector +After=network.target + +[Service] +Type=simple +User=dyndns +Group=dyndns +WorkingDirectory=/opt/dyndns/ +ExecStart=/opt/dyndns/go/bin/dyndns-pdns -config=/opt/dyndns/config.yml +RestartSec=15 +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/systemd/etherpad.service b/systemd/etherpad.service new file mode 100644 index 0000000..5bc093e --- /dev/null +++ b/systemd/etherpad.service @@ -0,0 +1,16 @@ +[Unit] +Description=etherpad-lite +After=syslog.target network.target + +[Service] +Type=simple +User=etherpad +Group=etherpad +WorkingDirectory=/opt/etherpad +Environment=NODE_ENV=production +Environment=PATH=/opt/etherpad/.nvm/versions/node/v16.4.0/bin:/usr/local/bin:/usr/bin:/bin:/usr/lib/mit/bin:/usr/lib/mit/sbin +ExecStart=/opt/etherpad/.nvm/versions/node/v16.4.0/bin/node /opt/etherpad/etherpad-lite/src/node/server.js +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/systemd/gitea.service b/systemd/gitea.service new file mode 100644 index 0000000..895f2f1 --- /dev/null +++ b/systemd/gitea.service @@ -0,0 +1,21 @@ +[Unit] +Description=Gitea (Git with a cup of tea) +After=syslog.target +After=network.target +Wants=mysqld.service +After=mysqld.service + +[Service] +RestartSec=2s +Type=simple +User=git +Group=git +WorkingDirectory=/var/lib/gitea/ + +ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini +Restart=always +Environment=USER=git HOME=/var/lib/git GITEA_WORK_DIR=/var/lib/gitea + +[Install] +WantedBy=multi-user.target + diff --git a/systemd/kfcgi.service b/systemd/kfcgi.service new file mode 100644 index 0000000..f9027f8 --- /dev/null +++ b/systemd/kfcgi.service @@ -0,0 +1,14 @@ +[Unit] +Description=kfcgi server for scooper +After=litterbox@.service var-lib-pounce-.local-dev.mount var-lib-pounce-.local-usr.mount var-lib-pounce-.local-lib.mount var-lib-pounce-.local-lib64.mount +Requires=litterbox@.service var-lib-pounce-.local-dev.mount var-lib-pounce-.local-usr.mount var-lib-pounce-.local-lib.mount var-lib-pounce-.local-lib64.mount +Wants=network.target + + +[Service] +User=root +Group=pounce +ExecStart=/usr/local/sbin/kfcgi -d -n 8 -l 16 -u nginx -s /var/run/kfcgi/scooper.sock -U pounce -p /var/lib/pounce/.local -- /bin/scooper /share/litterbox/litterbox.sqlite + +[Install] +WantedBy=multi-user.target diff --git a/systemd/litterbox@.service b/systemd/litterbox@.service new file mode 100644 index 0000000..85f0e92 --- /dev/null +++ b/systemd/litterbox@.service @@ -0,0 +1,16 @@ +[Unit] +Description=litterbox for %i +After=pounce@%i.service +Requires=pounce@%i.service +Wants=network.target + +[Service] +User=pounce +Group=pounce +ExecStart=/usr/local/bin/litterbox /var/lib/pounce/.config/litterbox/%i +Restart=always +RestartSec=15 +SyslogIdentifier=litterbox-%i + +[Install] +WantedBy=multi-user.target diff --git a/systemd/pounce@.service b/systemd/pounce@.service new file mode 100644 index 0000000..79c7881 --- /dev/null +++ b/systemd/pounce@.service @@ -0,0 +1,14 @@ +[Unit] +Description=pounce for %i +Wants=network.target + +[Service] +User=pounce +Group=pounce +ExecStart=/usr/local/bin/pounce /var/lib/pounce/.config/pounce/%i +Restart=always +RestartSec=15 +SyslogIdentifier=pounce-%i + +[Install] +WantedBy=multi-user.target diff --git a/systemd/shodan.service b/systemd/shodan.service new file mode 100644 index 0000000..61b3359 --- /dev/null +++ b/systemd/shodan.service @@ -0,0 +1,19 @@ +[Unit] +Description=Limnoria (shodan) +After=network.target + +[Service] +Type=simple +ExecStart=/opt/limnoria/shodan/venv/bin/supybot /opt/limnoria/shodan/shodan.conf +ExecReload=/bin/kill -HUP $MAINPID +Restart=always +User=shodan +Group=shodan +SyslogIdentifier=shodan +SystemCallFilter=~@raw-io @clock @cpu-emulation @debug @keyring @module @mount @obsolete @privileged @raw-io +ProtectSystem=strict +ProtectHome=read-only +ReadWritePaths=/opt/limnoria/shodan + +[Install] +WantedBy=multi-user.target diff --git a/systemd/xen-orchestra.service b/systemd/xen-orchestra.service new file mode 100644 index 0000000..766eae1 --- /dev/null +++ b/systemd/xen-orchestra.service @@ -0,0 +1,16 @@ +[Unit] +Description=Xen-Orchestra +After=redis@xen-orchestra.service +Wants=network.target redis@xen-orchestra.service + +[Service] +User=xo +Group=xo +ENVIRONMENT=NODE_ENV=PRODUCTION +ExecStart=/opt/xen-orchestra/start.sh +Restart=always +RestartSec=15 +SyslogIdentifier=orchestra + +[Install] +WantedBy=multi-user.target