47 lines
1.1 KiB
Text
47 lines
1.1 KiB
Text
|
{{ ansible_managed | comment }}
|
||
|
|
|
||
|
|
[Unit]
|
||
|
|
Description = Redis for Mastodon
|
||
|
|
|
||
|
|
[Service]
|
||
|
|
Restart = always
|
||
|
|
RestartSec = 5s
|
||
|
|
|
||
|
|
[Container]
|
||
|
|
Image = {{ mastodon_redis_containerimage }}:{{ mastodon_redis_image_tag }}
|
||
|
|
ContainerName = mastodon-redis
|
||
|
|
|
||
|
|
HealthCmd = CMD redis-cli -s /run/redis/redis.sock ping
|
||
|
|
|
||
|
|
Exec = redis-server /usr/lib/redis/redis.conf
|
||
|
|
|
||
|
|
# AutoUpdate = registry
|
||
|
|
LogDriver = journald
|
||
|
|
|
||
|
|
NoNewPrivileges = true
|
||
|
|
ReadOnly = true
|
||
|
|
DropCapability = all
|
||
|
|
AddCapability = CHOWN DAC_OVERRIDE SETUID SETGID
|
||
|
|
UserNS = auto:size=65535
|
||
|
|
{% if mastodon_redis_selinux_level != omit %}
|
||
|
|
SecurityLabelLevel = {{ mastodon_redis_selinux_level }}
|
||
|
|
{% endif %}
|
||
|
|
|
||
|
|
User = redis
|
||
|
|
Group = redis
|
||
|
|
|
||
|
|
# Sysctl = vm.overcommit_memory=1
|
||
|
|
|
||
|
|
Volume = mastodon-redis-socket:/run/redis:U,z
|
||
|
|
Volume = {{ mastodon_install_location }}/redis.conf:/usr/lib/redis/redis.conf:U,ro
|
||
|
|
Volume = {{ mastodon_redis_location }}:/data:U
|
||
|
|
|
||
|
|
Tmpfs = /run:rw,noexec,nosuid,nodev,size=1m
|
||
|
|
|
||
|
|
PodmanArgs = --memory={{ mastodon_redis_memory_high }}
|
||
|
|
PodmanArgs = --memory-swap={{ mastodon_redis_swap_max }}
|
||
|
|
PodmanArgs = --memory-reservation={{ mastodon_redis_memory_low }}
|
||
|
|
|
||
|
|
[Install]
|
||
|
|
WantedBy = default.target
|