{{ ansible_managed | comment }}

[Unit]
Description = Mastodon Web Server
Requires = mastodon-postgres.service mastodon-redis.service mastodon-elasticsearch.service
After = mastodon-postgres.service mastodon-redis.service mastodon-elasticsearch.service

[Service]
Restart = always
RestartSec = 5s

[Container]
Image = {{ mastodon_containerimage }}:{{ mastodon_image_tag }}
ContainerName = mastodon-web

HealthCmd = CMD-SHELL curl -s --noproxy localhost localhost:3000/health | grep -q 'OK' || exit 1

Exec = bundle exec puma -C config/puma.rb

# AutoUpdate = registry
LogDriver = journald

NoNewPrivileges = true
DropCapability = all
UserNS = auto:size=65535
{% if mastodon_selinux_level != omit %}
SecurityLabelLevel = {{ mastodon_selinux_level }}
{% endif %}

Network = mastodon-frontend.network
Network = mastodon-backend.network:alias=backend-mastodon-web

EnvironmentFile = {{ mastodon_install_location }}/mastodon.env

Volume = {{ mastodon_public_location }}:/mastodon/public/system:U

Volume = mastodon-postgres-socket:/var/run/postgresql:z
Volume = mastodon-redis-socket:/run/redis:z

PodmanArgs = --memory={{ mastodon_memory_high }}
PodmanArgs = --memory-swap={{ mastodon_swap_max }}
PodmanArgs = --memory-reservation={{ mastodon_memory_low }}

[Install]
WantedBy = default.target