infrastructure/roles/mastodon/templates/mastodon-elasticsearch.container.j2

43 lines
1.1 KiB
Django/Jinja

{{ ansible_managed | comment }}
[Unit]
Description = ElasticSearch for Mastodon
[Service]
Restart = always
RestartSec = 5s
[Container]
Image = {{ mastodon_elasticsearch_containerimage }}:{{ mastodon_elasticsearch_image_tag }}
ContainerName = mastodon-elasticsearch
# To prevent it from using chroot
User = 1000
HealthCmd = CMD-SHELL curl --silent --fail localhost:9200/_cluster/health || exit 1
# AutoUpdate = registry
LogDriver = journald
NoNewPrivileges = true
DropCapability = all
UserNS = auto:size=65535
{% if mastodon_elasticsearch_selinux_level != omit %}
SecurityLabelLevel = {{ mastodon_elasticsearch_selinux_level }}
{% endif %}
EnvironmentFile = {{ mastodon_install_location }}/mastodon-elasticsearch.env
Network = mastodon-backend.network:alias=backend-mastodon-elasticsearch
Volume = {{ mastodon_elasticsearch_location }}:/usr/share/elasticsearch/data:U
Ulimit = nofile=65536:65536
Ulimit = memlock=-1:-1
PodmanArgs = --memory={{ mastodon_memory_high }}
PodmanArgs = --memory-swap={{ mastodon_swap_max }}
PodmanArgs = --memory-reservation={{ mastodon_memory_low }}
[Install]
WantedBy = default.target