finallycoffee/matrix-docker-ansible-deploy
5
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Replace cronjobs with systemd timers

Browse Source 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/756

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/737

I feel like timers are somewhat more complicated and dirty (compared to
cronjobs), but they come with these benefits:

- log output goes to journald
- on newer systemd distros, you can see when the timer fired, when it
will fire, etc.
- we don't need to rely on cron (reducing our dependencies to just
systemd + Docker)

Cronjobs work well, but it's one more dependency that needs to be
installed. We were even asking people to install it manually
(in `docs/prerequisites.md`), which could have gone unnoticed.

Once in a while someone says "my SSL certificates didn't renew"
and it's likely because they forgot to install a cron daemon.

Switching to systemd timers means that installation is simpler
and more unified.
This commit is contained in:
Slavi Pantaleev
2021-01-14 23:23:46 +02:00
parent 05ca9357a8
commit e1690722f7
21 changed files with 190 additions and 95 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 Normal file
View File

@ -0,0 +1,6 @@
[Unit]
Description=Renews Let's Encrypt SSL certificates
[Service]
Type=oneshot
ExecStart={{ matrix_local_bin_path }}/matrix-ssl-lets-encrypt-certificates-renew

10
roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=Renews Let's Encrypt SSL certificates periodically
[Timer]
Unit=matrix-ssl-lets-encrypt-certificates-renew.service
OnCalendar=Sunday *-*-* 05:00:00
RandomizedDelaySec=3h
[Install]
WantedBy=timers.target

6
roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 Normal file
View File

@ -0,0 +1,6 @@
[Unit]
Description=Reloads matrix-nginx-proxy so that new SSL certificates can kick in
[Service]
Type=oneshot
ExecStart={{ matrix_host_command_systemctl }} reload matrix-nginx-proxy.service

10
roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=Reloads matrix-nginx-proxy periodically so that new SSL certificates can kick in
[Timer]
Unit=matrix-ssl-nginx-proxy-reload.service
OnCalendar=Sunday *-*-* 13:00:00
RandomizedDelaySec=3h
[Install]
WantedBy=timers.target