diff options
Diffstat (limited to '')
-rw-r--r-- | admin/systemd/haproxy.service.in | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/admin/systemd/haproxy.service.in b/admin/systemd/haproxy.service.in new file mode 100644 index 0000000..22a53d8 --- /dev/null +++ b/admin/systemd/haproxy.service.in @@ -0,0 +1,37 @@ +[Unit] +Description=HAProxy Load Balancer +After=network-online.target +Wants=network-online.target + +[Service] +EnvironmentFile=-/etc/default/haproxy +EnvironmentFile=-/etc/sysconfig/haproxy +Environment="CONFIG=/etc/haproxy/haproxy.cfg" "PIDFILE=/run/haproxy.pid" "EXTRAOPTS=-S /run/haproxy-master.sock" +ExecStart=@SBINDIR@/haproxy -Ws -f $CONFIG -p $PIDFILE $EXTRAOPTS +ExecReload=@SBINDIR@/haproxy -Ws -f $CONFIG -c $EXTRAOPTS +ExecReload=/bin/kill -USR2 $MAINPID +KillMode=mixed +Restart=always +SuccessExitStatus=143 +Type=notify + +# The following lines leverage SystemD's sandboxing options to provide +# defense in depth protection at the expense of restricting some flexibility +# in your setup (e.g. placement of your configuration files) or possibly +# reduced performance. See systemd.service(5) and systemd.exec(5) for further +# information. + +# NoNewPrivileges=true +# ProtectHome=true +# If you want to use 'ProtectSystem=strict' you should whitelist the PIDFILE, +# any state files and any other files written using 'ReadWritePaths' or +# 'RuntimeDirectory'. +# ProtectSystem=true +# ProtectKernelTunables=true +# ProtectKernelModules=true +# ProtectControlGroups=true +# If your SystemD version supports them, you can add: @reboot, @swap, @sync +# SystemCallFilter=~@cpu-emulation @keyring @module @obsolete @raw-io + +[Install] +WantedBy=multi-user.target |