#jinja2: lstrip_blocks: "True" [Unit] Description=matrix_ldap_registration_proxy {% for service in matrix_ldap_registration_proxy_systemd_required_services_list %} Requires={{ service }} After={{ service }} {% endfor %} {% for service in matrix_ldap_registration_proxy_systemd_wanted_services_list %} Wants={{ service }} {% endfor %} DefaultDependencies=no [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix_ldap_registration_proxy 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix_ldap_registration_proxy 2>/dev/null || true' # matrix_ldap_registration_proxy writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, # so /tmp needs to be mounted with an exec option. ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ldap-registration-proxy \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ --read-only \ --network={{ matrix_docker_network }} \ {% if matrix_ldap_registration_proxy_container_http_host_bind_port %} -p {{ matrix_ldap_registration_proxy_container_http_host_bind_port }}:{{ matrix_ldap_registration_proxy_container_port }} \ {% endif %} --env-file {{ matrix_ldap_registration_proxy_config_path }}/ldap-registration-proxy.env \ {% for arg in matrix_ldap_registration_proxy_container_extra_arguments %} {{ arg }} \ {% endfor %} {{ matrix_ldap_registration_proxy_docker_image }} ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-ldap-registration-proxy [Install] WantedBy=multi-user.target