Version information
This version is compatible with:
- Puppet Enterprise 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x
- Puppet >= 7.9.0 < 9.0.0
- Archlinux, Gentoo, , , , , , , , ,
Tasks:
- systemctl_show
Start using this module
Add this module to your Puppetfile:
mod 'puppet-systemd', '8.0.0'
Learn more about managing modules with a PuppetfileDocumentation
Systemd
Overview
This module declares exec resources to create global sync points for reloading systemd.
Version 2 and newer of the module don't work with Hiera 3! You need to migrate your existing Hiera setup to Hiera 5
Usage and examples
There are two ways to use this module.
unit files
Let this module handle file creation.
systemd::unit_file { 'foo.service':
source => "puppet:///modules/${module_name}/foo.service",
}
~> service { 'foo':
ensure => 'running',
}
This is equivalent to:
file { '/etc/systemd/system/foo.service':
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
source => "puppet:///modules/${module_name}/foo.service",
}
~> service { 'foo':
ensure => 'running',
}
You can also use this module to more fully manage the new unit. This example deploys the unit, reloads systemd and then enables and starts it.
systemd::unit_file { 'foo.service':
content => file("${module_name}/foo.service"),
enable => true,
active => true,
}
unit files from parameters
Create a unit file from parameters
systemd::manage_unit { 'myrunner.service':
unit_entry => {
'Description' => 'My great service',
},
service_entry => {
'Type' => 'oneshot',
'ExecStart' => '/usr/bin/doit.sh',
},
install_entry => {
'WantedBy' => 'multi-user.target',
},
enable => true,
active => true,
}
The parameters unit_entry
, service_entry
and install_entry
populate the
[Unit]
, [Service]
and [Install]
sections of the generated unit file.
Similarly units can be created from hiera yaml files
systemd::manage_units:
myservice.service:
unit_entry:
Description: My Customisation
service_entry:
CPUWeight: 2000
drop-in files
Drop-in files are used to add or alter settings of a unit without modifying the unit itself. As for the unit files, the module can handle the file and directory creation:
systemd::dropin_file { 'foo.conf':
unit => 'foo.service',
source => "puppet:///modules/${module_name}/foo.conf",
}
~> service { 'foo':
ensure => 'running',
}
This is equivalent to:
file { '/etc/systemd/system/foo.service.d':
ensure => directory,
owner => 'root',
group => 'root',
}
file { '/etc/systemd/system/foo.service.d/foo.conf':
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
source => "puppet:///modules/${module_name}/foo.conf",
}
~> service { 'foo':
ensure => 'running',
}
dropin-files can also be generated via hiera:
systemd::dropin_files:
my-foo.conf:
unit: foo.service
source: puppet:///modules/${module_name}/foo.conf
drop-in files from parameters
systemd::manage_dropin { 'myconf.conf':
ensure => present,
unit => 'myservice.service',
service_entry => {
'Type' => 'oneshot',
'ExecStart' => ['', '/usr/bin/doit.sh'],
},
}
Dropins can also be created similarly via yaml
systemd::manage_dropins:
myconf.conf:
ensure: present
unit: myservice.service
service_entry:
Type: oneshot
ExecStart:
- ''
- '/usr/bin/doit.sh'
The filename of the drop in. The full path is determined using the path, unit and this filename.
modules-load.d
Create a file entry for modules-loads directory and start
systemd-modules-load.service
systemd::modules_load { 'impi.conf':
content => "ipmi\n",
}
tmpfiles
Let this module handle file creation and systemd reloading
systemd::tmpfile { 'foo.conf':
source => "puppet:///modules/${module_name}/foo.conf",
}
Or handle file creation yourself and trigger systemd.
include systemd::tmpfiles
file { '/etc/tmpfiles.d/foo.conf':
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
source => "puppet:///modules/${module_name}/foo.conf",
}
~> Class['systemd::tmpfiles']
timer units
Create a systemd timer unit and a systemd service unit to execute from that timer
The following will create a timer unit and a service unit file.
When active
and enable
are set to true
the puppet service runoften.timer
will be
declared, started and enabled.
systemd::timer { 'runoften.timer':
timer_source => "puppet:///modules/${module_name}/runoften.timer",
service_source => "puppet:///modules/${module_name}/runoften.service",
active => true,
enable => true,
}
A trivial daily run.
In this case enable and active are both unset and so the service daily.timer
is not declared by the systemd::timer
type.
$_timer = @(EOT)
[Timer]
OnCalendar=daily
RandomizedDelaySec=1d
EOT
$_service = @(EOT)
[Service]
Type=oneshot
ExecStart=/usr/bin/touch /tmp/file
EOT
systemd::timer { 'daily.timer':
timer_content => $_timer,
service_content => $_service,
}
service { 'daily.timer':
ensure => running,
subscribe => Systemd::Timer['daily.timer'],
}
If neither service_content
or service_source
are specified then no
service unit will be created.
The service unit name can also be specified.
$_timer = @(EOT)
[Timer]
OnCalendar=daily
RandomizedDelaySec=1d
Unit=touch-me-today.service
EOT
$_service = @(EOT)
[Service]
Type=oneshot
ExecStart=/usr/bin/touch /tmp/file
EOT
systemd::timer { 'daily.timer':
timer_content => $_timer,
service_unit => 'touch-me-today.service',
service_content => $_service,
active => true,
enable => true,
}
service limits
It's possible to ensure soft and hard limits on various resources for executed processes.
Previously systemd::service_limits
was provided, but this is deprecated and will be removed in the next version.
systemd::service_limits { 'foo.service':
limits => {
'LimitNOFILE' => 8192,
'LimitNPROC' => 16384,
}
}
The replacement is to use the systemd::manage_dropin
defined type directly.
To migrate from the above example, use the following:
systemd::manage_dropin { 'foo.service-90-limits.conf':
unit => 'foo.service',
filename => '90-limits.conf',
service_entry => {
'LimitNOFILE' => 8192,
'LimitNPROC' => 16384,
},
}
machine-info (hostnamectl)
You can set elements of /etc/machine-info
via the machine_info_settings
parameter. These values are read by hostnamectl
.
To manage these, you'll need to add an additional module, augeasproviders_shellvar, to your environment.
Daemon reloads
Systemd caches unit files and their relations. This means it needs to reload, typically done via systemctl daemon-reload
. Since Puppet 6.1.0 (PUP-3483) takes care of this by calling systemctl show $SERVICE -- --property=NeedDaemonReload
to determine if a reload is needed. Typically this works well and removes the need for systemd::systemctl::daemon_reload
as provided prior to camptocamp/systemd 3.0.0. This avoids common circular dependencies.
It does contain a workaround for PUP-9473 but there's no guarantee that this works in every case.
network
systemd-networkd is able to manage your network configuration. We provide a defined resource which can write the interface configurations. systemd-networkd needs to be restarted to apply the configs. The defined resource can do this for you:
systemd::network { 'eth0.network':
source => "puppet:///modules/${module_name}/eth0.network",
restart_service => true,
}
Services
The default target is managed via the default_target
parameter. If this is left at its default value (undef
), the default-target will be unmanaged by puppet.
Systemd provides multiple services. Currently you can manage systemd-resolved
,
systemd-timesyncd
, systemd-networkd
, systemd-journald
, systemd-coredump
and systemd-logind
via the main class:
class { 'systemd':
manage_resolved => true,
manage_networkd => true,
manage_timesyncd => true,
manage_journald => true,
manage_udevd => true,
manage_logind => true,
manage_coredump => true,
}
$manage_networkd is required if you want to reload it for new
systemd::network
resources. Setting $manage_resolved will also manage your
/etc/resolv.conf
.
When configuring systemd::resolved
you could set use_stub_resolver
to false (default) to use a standard /etc/resolved.conf
, or you could set it to true
to use the local resolver provided by systemd-resolved
.
Systemd introduced DNS Over TLS
in release 239. Currently three states are supported yes
(since systemd 243), opportunistic
(true) and no
(false, default). When enabled with yes
or opportunistic
systemd-resolved
will start a TCP-session to a DNS server with DNS Over TLS
support. When enabled with yes
(strict mode), queries will fail if the configured DNS servers do not support DNS Over TLS
. Note that there will be no host checking for DNS Over TLS
due to missing implementation in systemd-resolved
.
Stopping systemd-resolved
once running can be problematic and care should be taken.
class { 'systemd':
manage_resolved => true,
resolved_ensure => false,
}
will stop the service and should also copy /run/systemd/resolve/resolv.conf
to /etc/resolve.conf
.
- Writing your own file to
/etc/resolv.conf
is also possible.
It is possible to configure the default ntp servers in /etc/systemd/timesyncd.conf
:
class { 'systemd':
manage_timesyncd => true,
ntp_server => ['0.pool.ntp.org', '1.pool.ntp.org'],
fallback_ntp_server => ['2.pool.ntp.org', '3.pool.ntp.org'],
}
when manage_systemd
is true any required sub package, e.g. systemd-resolved
on CentOS 9 or Debian 12, will be installed. However configuration of
systemd-resolved will only occur on second puppet run after that installation.
This requires puppetlabs-inifile, which is only a soft dependency in this module (you need to explicitly install it). Both parameters accept a string or an array.
Resource Accounting
Systemd has support for different accounting option. It can track
CPU/Memory/Network stats per process. This is explained in depth at systemd-system.conf.
This defaults to off (default on most operating systems). You can enable this
with the $manage_accounting
parameter. The module provides a default set of
working accounting options per operating system, but you can still modify them
with $accounting
:
class { 'systemd':
manage_accounting => true,
accounting => {
'DefaultCPUAccounting' => 'yes',
'DefaultMemoryAccounting' => 'no',
}
}
journald configuration
It also allows you to manage journald settings. You can manage journald settings through setting the journald_settings
parameter. If you want a parameter to be removed, you can pass its value as params.
---
systemd::journald_settings:
Storage: auto
MaxRetentionSec: 5day
MaxLevelStore:
ensure: absent
udevd configuration
It allows you to manage the udevd configuration. You can set the udev.conf values via the udev_log
, udev_children_max
, udev_exec_delay
, udev_event_timeout
, udev_resolve_names
, and udev_timeout_signal
parameters.
Additionally you can set custom udev rules with the udev_rules
parameter.
class { 'systemd':
manage_udevd => true,
udev_rules => {
'example_raw.rules' => {
'rules' => [
'ACTION=="add", KERNEL=="sda", RUN+="/bin/raw /dev/raw/raw1 %N"',
'ACTION=="add", KERNEL=="sdb", RUN+="/bin/raw /dev/raw/raw2 %N"',
],
},
},
}
With enabled udev_reload
modified rules would be applied immediately by executing udevadm control --reload-rules
.
---
systemd::udev_reload: true
systemd::manage_udevd: true
systemd::udev_rules:
50-md.rules:
rules:
- 'SUBSYSTEM=="block", KERNEL=="md*", ACTION=="change", TEST=="md/stripe_cache_size", ATTR{md/stripe_cache_size}="4096"'
udev::rules configuration
Custom udev rules can be defined for specific events.
systemd::udev::rule:
ensure: present
path: /etc/udev/rules.d
selinux_ignore_defaults: false
notify: "Service[systemd-udevd]"
rules:
- 'ACTION=="add", KERNEL=="sda", RUN+="/bin/raw /dev/raw/raw1 %N"'
- 'ACTION=="add", KERNEL=="sdb", RUN+="/bin/raw /dev/raw/raw2 %N"'
oomd configuration
The systemd-oomd
system can be configured.
class { 'systemd':
manage_oomd => true,
oomd_ensure => 'running'
oomd_settings => {
'SwapUsedLimit' => '90%',
'DefaultMemoryPressureLimit' => '60%',
'DefaultMemoryPressureDurationSec' => 30,
}
}
coredump configuration
The systemd-coredump
system can be configured.
class{'systemd':
manage_coredump => true,
coredump_backtrace => true,
coredump_settings => {
'Storage' => 'external',
'Compress' => 'yes',
'ProcessSizeMax' => '2G',
'ExternalSizeMax' => '10G',
'JournalSizeMax' => '20T',
'MaxUse' => '1E',
'KeepFree' => '1P',
}
}
logind configuration
It also allows you to manage logind settings. You can manage logind settings through setting the logind_settings
parameter. If you want a parameter to be removed, you can pass its value as params.
systemd::logind_settings:
HandleSuspendKey: 'ignore'
KillUserProcesses: 'no'
RemoveIPC:
ensure: absent
UserTasksMax: 10000
User linger
A loginctl_user
resource is available to manage user linger enablement:
loginctl_user { 'foo':
linger => enabled,
}
or as a hash via the systemd::loginctl_users
parameter.
Systemd Escape Function
Partially escape strings as systemd-escape
command does.
This functions only escapes a subset of chars. Non-ASCII character will not escape.
$result = systemd::escape('foo::bar/')
$result
would be foo::bar-
or path escape as if with -p
option.
$result = systemd::escape('/mnt/foobar/', true)
$result
would be mnt-foobar
.
Systemd Escape Function (uses systemd-escape)
Escape strings call the systemd-escape
command in the background.
It's highly recommend running the function as deferred function since it executes the command on the agent.
$result = Deferred('systemd::systemd_escape', ["foo::bar"])
$result
would be foo::bar-
or path escape as if with -p
option.
$result = Deferred('systemd::systemd_escape', ["/mnt/foo-bar/", true])
$result
would be mnt-foo\x2dbar
.
Tasks
systemd::systemctl_show
Returns more parseable output then the standard service task from bolt itself.
Default property filter: ["ActiveState", "LoadState", "MainPID", "SubState", "UnitFileState"]
output of standard task from bolt
bolt task run service name=puppet.service action=status -t controller-0
Started on controller-0...
Finished on controller-0:
{
"status": "MainPID=686,LoadState=loaded,ActiveState=active",
"enabled": "enabled"
}
output of systemd::systemctl_show
bolt task run systemd::systemctl_show unit_name=puppet.service -t controller-0
Started on controller-0...
Finished on controller-0:
{
"MainPID": "686",
"LoadState": "loaded",
"ActiveState": "active",
"SubState": "running",
"UnitFileState": "enabled"
}
Deprecation Notices
The type systemd::service_limits
is deprecated and systemd::manage_dropin
or systemd::dropin_file
should
be used instead.
Transfer Notice
This plugin was originally authored by Camptocamp. The maintainer preferred that Puppet Community take ownership of the module for future improvement and maintenance. Existing pull requests and issues were transferred over, please fork and continue to contribute here instead of Camptocamp.
Previously: [https://github.com/camptocamp/puppet-systemd]
Reference
Table of Contents
Classes
Public Classes
systemd
: This module allows triggering systemd commands once for all modulessystemd::tmpfiles
: Update the systemd temp files
Private Classes
systemd::coredump
: This class manages the systemd-coredump configuration.systemd::install
: Install any systemd sub packagessystemd::journal_remote
: This class manages and configures journal-remote.systemd::journal_upload
: This class manages and configures journal-upload.systemd::journald
: This class manages and configures journald.systemd::logind
: This class manages systemd's login manager configuration.systemd::machine_info
: This class manages systemd's machine-info file (hostnamectl)systemd::modules_loads
: Activate the modules contained in modules-loads.dsystemd::networkd
: This class provides an abstract way to trigger systemd-networkdsystemd::oomd
: This class manages and configures oomd.systemd::resolved
: This class provides an abstract way to trigger resolved.systemd::service_manager
: This class provides a solution to manage system and/or user service manager settingssystemd::timedatectl
: This class provides an abstract way to set elements with timedatectlsystemd::timesyncd
: This class provides an abstract way to trigger systemd-timesyncdsystemd::udevd
: This class manages systemd's udev config
Defined types
systemd::daemon_reload
: Run systemctl daemon-reloadsystemd::dropin_file
: Creates a drop-in file for a systemd unitsystemd::manage_dropin
: Creates a drop-in file for a systemd unit from a templatesystemd::manage_unit
: Generate unit file from templatesystemd::modules_load
: Creates a modules-load.d drop filesystemd::network
: Creates network config for systemd-networkdsystemd::service_limits
: Deprecated - Adds a set of custom limits to the servicesystemd::timer
: Create a timer and optionally a service unit to execute with the timer unitsystemd::timer_wrapper
: Helper to define timer and accompanying services for a given task (cron like interface).systemd::tmpfile
: Creates a systemd tmpfilesystemd::udev::rule
: Adds a custom udev rulesystemd::unit_file
: Creates a systemd unit filesystemd::user_service
: Manage a user service running under systemd --user
Resource types
loginctl_user
: An arbitrary name used as the identity of the resource.
Functions
systemd::escape
: Escape strings as systemd-escape does.systemd::systemd_escape
: Escape strings by call thesystemd-escape
command in the background.
Data types
Systemd::Boolean
: Defines systemd boolean type representationSystemd::Boolean::False
: Defines systemd boolean "false" type representationSystemd::Boolean::True
: Defines systemd boolean "true" type representationSystemd::Capabilities
: Defines allowed capabilitiesSystemd::CoredumpSettings
: Configurations for coredump.confSystemd::Dropin
: custom datatype that validates filenames/paths for valid systemd dropin filesSystemd::JournalRemoteSettings
: matches Systemd journal remote config StructSystemd::JournalUploadSettings
: matches Systemd journal upload config StructSystemd::JournaldSettings
: Matches Systemd journald config StructSystemd::JournaldSettings::Ensure
: defines allowed ensure states for systemd-journald settingsSystemd::LogLevel
: Defines allowed log levelsSystemd::LogindSettings
: Matches Systemd Login Manager StructSystemd::LogindSettings::Ensure
: defines allowed ensure states for systemd-logind settingsSystemd::MachineInfoSettings
: Matches Systemd machine-info (hostnamectl) file StructSystemd::OomdSettings
: Configurations for oomd.confSystemd::Output
: Defines allowed output valuesSystemd::ServiceLimits
: Deprecated - Matches Systemd Service Limit StructSystemd::ServiceManagerSettings
: Matches Systemd system.conf/user.conf settingsSystemd::SettingEnsure
: Defines allowed ensure states for an ini_settingSystemd::Timespan
: Defines a timespan typeSystemd::Unit
: custom datatype that validates different filenames for systemd units and unit templatesSystemd::Unit::Amount
: Systemd definition of amount, often bytes or united bytesSystemd::Unit::AmountOrPercent
: Systemd definition of amount, often bytes or united bytesSystemd::Unit::Install
: Possible keys for the [Install] section of a unit fileSystemd::Unit::Mount
: Possible keys for the [Mount] section of a unit fileSystemd::Unit::Path
: Possible keys for the [Path] section of a unit fileSystemd::Unit::Percent
: Systemd definition of a percentageSystemd::Unit::Service
: Possible keys for the [Service] section of a unit fileSystemd::Unit::Service::Exec
: Possible strings for ExecStart, ExecStartPrep, ...Systemd::Unit::Slice
: Possible keys for the [Slice] section of a unit fileSystemd::Unit::Socket
: Possible keys for the [Socket] section of a unit fileSystemd::Unit::Swap
: Possible keys for the [Swap] section of a unit fileSystemd::Unit::Timer
: Possible keys for the [Timer] section of a unit fileSystemd::Unit::Timespan
: Timer specification for systemd time spans, e.g. timers.Systemd::Unit::Unit
: Possible keys for the [Unit] section of a unit file
Tasks
systemctl_show
: Get systemctl show output of a unit
Classes
systemd
This module allows triggering systemd commands once for all modules
Parameters
The following parameters are available in the systemd
class:
default_target
service_limits
networks
timers
tmpfiles
unit_files
manage_resolved
resolved_ensure
resolved_package
manage_nspawn
nspawn_package
dns
fallback_dns
domains
llmnr
multicast_dns
dnssec
dnsovertls
cache
dns_stub_listener
dns_stub_listener_extra
manage_resolv_conf
use_stub_resolver
manage_networkd
networkd_ensure
networkd_package
manage_timesyncd
timesyncd_ensure
timesyncd_package
ntp_server
fallback_ntp_server
timezone
set_local_rtc
manage_journald
journald_settings
manage_journal_upload
journal_upload_settings
manage_journal_remote
journal_remote_settings
manage_udevd
udev_log
udev_children_max
udev_exec_delay
udev_event_timeout
udev_resolve_names
udev_timeout_signal
udev_rules
udev_reload
machine_info_settings
manage_logind
logind_settings
loginctl_users
dropin_files
manage_units
manage_dropins
manage_all_network_files
network_path
manage_accounting
accounting
purge_dropin_dirs
manage_coredump
coredump_settings
coredump_backtrace
manage_oomd
oomd_package
oomd_ensure
oomd_settings
udev_purge_rules
manage_system_conf
system_settings
manage_user_conf
user_settings
default_target
Data type: Optional[Pattern['^.+\.target$']]
The default systemd boot target, unmanaged if set to undef.
Default value: undef
service_limits
Data type: Stdlib::CreateResources
Deprecated, use dropin_files - Hash of systemd::service_limits
resources
Default value: {}
networks
Data type: Stdlib::CreateResources
Hash of systemd::network
resources
Default value: {}
timers
Data type: Stdlib::CreateResources
Hash of systemd::timer
resources
Default value: {}
tmpfiles
Data type: Stdlib::CreateResources
Hash of systemd::tmpfile
resources
Default value: {}
unit_files
Data type: Stdlib::CreateResources
Hash of systemd::unit_file
resources
Default value: {}
manage_resolved
Data type: Boolean
Manage the systemd resolver
Default value: false
resolved_ensure
Data type: Enum['stopped','running']
The state that the resolved
service should be in. When migrating from 'running' to
'stopped' an attempt will be made to restore a working /etc/resolv.conf
using
/run/systemd/resolve/resolv.conf
.
Default value: 'running'
resolved_package
Data type: Optional[Enum['systemd-resolved']]
The name of a systemd sub package needed for systemd-resolved if one needs to be installed.
Default value: undef
manage_nspawn
Data type: Boolean
Manage the systemd-nspawn@service and machinectl subsystem.
Default value: false
nspawn_package
Data type: Optional[Enum['systemd-container']]
The name of a systemd sub package needed for the nspawn tools machinectl and systemd-nspawn if one needs to be installed.
Default value: undef
dns
Data type: Optional[Variant[Array[String],String]]
A space-separated list of IPv4 and IPv6 addresses to use as system DNS servers. DNS requests are sent to one of the listed DNS servers in parallel to suitable per-link DNS servers acquired from systemd-networkd.service(8) or set at runtime by external applications. requires puppetlabs-inifile
Default value: undef
fallback_dns
Data type: Optional[Variant[Array[String],String]]
A space-separated list of IPv4 and IPv6 addresses to use as the fallback DNS servers. Any per-link DNS servers obtained from systemd-networkd take precedence over this setting. requires puppetlabs-inifile
Default value: undef
domains
Data type: Optional[Variant[Array[String],String]]
A space-separated list of domains host names or IP addresses to be used systemd-resolved take precedence over this setting.
Default value: undef
llmnr
Data type: Optional[Variant[Boolean,Enum['resolve']]]
Takes a boolean argument or "resolve".
Default value: undef
multicast_dns
Data type: Optional[Variant[Boolean,Enum['resolve']]]
Takes a boolean argument or "resolve".
Default value: undef
dnssec
Data type: Optional[Variant[Boolean,Enum['allow-downgrade']]]
Takes a boolean argument or "allow-downgrade".
Default value: undef
dnsovertls
Data type: Variant[Boolean,Enum['yes', 'opportunistic', 'no']]
Takes a boolean argument or one of "yes", "opportunistic" or "no". "true" corresponds to "opportunistic" and "false" (default) to "no".
Default value: false
cache
Data type: Optional[Variant[Boolean,Enum['no-negative']]]
Takes a boolean argument or "no-negative". If left undef
the cache setting will not be modified.
Default value: undef
dns_stub_listener
Data type: Optional[Variant[Boolean,Enum['udp','tcp','absent']]]
Takes a boolean argument or one of "udp" and "tcp".
Setting it to 'absent'
will remove DNSStubListener
existing entries from the configuration file
Default value: undef
dns_stub_listener_extra
Data type: Optional[Variant[Array[String[1]],Enum['absent']]]
Additional addresses for the DNS stub listener to listen on
Setting it to 'absent'
will remove DNSStubListenerExtra
existing entries from the configuration file
Default value: undef
manage_resolv_conf
Data type: Boolean
For when manage_resolved
is true
should the file /etc/resolv.conf
be managed.
Default value: true
use_stub_resolver
Data type: Boolean
Takes a boolean argument. When "false" (default) it uses /run/systemd/resolve/resolv.conf
as /etc/resolv.conf. When "true", it uses /run/systemd/resolve/stub-resolv.conf
When resolved_ensure
is stopped
this parameter is ignored.
Default value: false
manage_networkd
Data type: Boolean
Manage the systemd network daemon
Default value: false
networkd_ensure
Data type: Enum['stopped','running']
The state that the networkd
service should be in
Default value: 'running'
networkd_package
Data type: Optional[String[1]]
Name of the package required for systemd-networkd, if any
Default value: undef
manage_timesyncd
Data type: Boolean
Manage the systemd timesyncd daemon
Default value: false
timesyncd_ensure
Data type: Enum['stopped','running']
The state that the timesyncd
service should be in
Default value: 'running'
timesyncd_package
Data type: Optional[String[1]]
Name of the package required for systemd-timesyncd, if any
Default value: undef
ntp_server
Data type: Optional[Variant[Array,String]]
comma separated list of ntp servers, will be combined with interface specific addresses from systemd-networkd. requires puppetlabs-inifile
Default value: undef
fallback_ntp_server
Data type: Optional[Variant[Array,String]]
A space-separated list of NTP server host names or IP addresses to be used as the fallback NTP servers. Any per-interface NTP servers obtained from systemd-networkd take precedence over this setting. requires puppetlabs-inifile
Default value: undef
timezone
Data type: Optional[String[1]]
Set the system time zone to the specified value. Available timezones can be listed with list-timezones. If the RTC is configured to be in the local time, this will also update the RTC time. This call will alter the /etc/localtime symlink.
Default value: undef
set_local_rtc
Data type: Optional[Boolean]
Takes a boolean argument. If "false", the system is configured to maintain the RTC in universal time. If "true", it will maintain the RTC in local time instead. Note that maintaining the RTC in the local timezone is not fully supported and will create various problems with time zone changes and daylight saving adjustments. If at all possible, keep the RTC in UTC mode.
Default value: undef
manage_journald
Data type: Boolean
Manage the systemd journald
Default value: true
journald_settings
Data type: Systemd::JournaldSettings
Config Hash that is used to configure settings in journald.conf
Default value: {}
manage_journal_upload
Data type: Boolean
Manage the systemd journal upload to a remote server
Default value: false
journal_upload_settings
Data type: Systemd::JournalUploadSettings
Config Hash that is used to configure settings in journal-upload.conf
Default value: {}
manage_journal_remote
Data type: Boolean
Manage the systemd journal remote server used to upload journals
Default value: false
journal_remote_settings
Data type: Systemd::JournalRemoteSettings
Config Hash that is used to configure settings in journal-remote.conf
Default value: {}
manage_udevd
Data type: Boolean
Manage the systemd udev daemon
Default value: false
udev_log
Data type: Optional[Variant[Integer,String]]
The value of /etc/udev/udev.conf udev_log
Default value: undef
udev_children_max
Data type: Optional[Integer]
The value of /etc/udev/udev.conf children_max
Default value: undef
udev_exec_delay
Data type: Optional[Integer]
The value of /etc/udev/udev.conf exec_delay
Default value: undef
udev_event_timeout
Data type: Optional[Integer]
The value of /etc/udev/udev.conf event_timeout
Default value: undef
udev_resolve_names
Data type: Optional[Enum['early', 'late', 'never']]
The value of /etc/udev/udev.conf resolve_names
Default value: undef
udev_timeout_signal
Data type: Optional[Variant[Integer,String]]
The value of /etc/udev/udev.conf timeout_signal
Default value: undef
udev_rules
Data type: Stdlib::CreateResources
Config Hash that is used to generate instances of our
udev::rule
define.
Default value: {}
udev_reload
Data type: Boolean
Whether udev rules should be automatically reloaded upon change.
Default value: false
machine_info_settings
Data type: Systemd::MachineInfoSettings
Settings to place into /etc/machine-info (hostnamectl)
Default value: {}
manage_logind
Data type: Boolean
Manage the systemd logind
Default value: false
logind_settings
Data type: Systemd::LogindSettings
Config Hash that is used to configure settings in logind.conf
Default value: {}
loginctl_users
Data type: Stdlib::CreateResources
Config Hash that is used to generate instances of our type
loginctl_user
.
Default value: {}
dropin_files
Data type: Stdlib::CreateResources
Configure dropin files via hiera and systemd::dropin_file
with factory pattern
Default value: {}
manage_units
Data type: Stdlib::CreateResources
Configure units via hiera and systemd::manage_unit
with factory pattern
Default value: {}
manage_dropins
Data type: Stdlib::CreateResources
Configure dropin files via hiera and systemd::manage_dropin
with factory pattern
Default value: {}
manage_all_network_files
Data type: Boolean
Default value: false
network_path
Data type: Stdlib::Absolutepath
where all networkd files are placed in
Default value: '/etc/systemd/network'
manage_accounting
Data type: Boolean
When enabled, the different accounting options (network traffic, IO, CPU util...) are enabled for units.
Default value: false
accounting
Data type: Hash[String,String]
Hash of the different accounting options. This highly depends on the used systemd version. The module provides sane defaults per operating system using Hiera.
Default value: {}
purge_dropin_dirs
Data type: Boolean
When enabled, unused directories for dropin files will be purged
Default value: true
manage_coredump
Data type: Boolean
Should systemd-coredump configuration be managed
Default value: false
coredump_settings
Data type: Systemd::CoredumpSettings
Hash of systemd-coredump configurations for coredump.conf
Default value: {}
coredump_backtrace
Data type: Boolean
Add --backtrace to systemd-coredump call systemd-coredump@.service unit
Default value: false
manage_oomd
Data type: Boolean
Should systemd-oomd configuration be managed
Default value: false
oomd_package
Data type: Optional[String[1]]
Name of the package required for systemd-oomd, if any
Default value: undef
oomd_ensure
Data type: Enum['stopped','running']
The state that the oomd
service should be in
Default value: 'running'
oomd_settings
Data type: Systemd::OomdSettings
Hash of systemd-oomd configurations for oomd.conf
Default value: {}
udev_purge_rules
Data type: Boolean
Toggle if unmanaged files in /etc/udev/rules.d should be purged if manage_udevd is enabled
Default value: false
manage_system_conf
Data type: Boolean
Should system service manager configurations be managed
Default value: false
system_settings
Data type: Systemd::ServiceManagerSettings
Config Hash that is used to configure settings in system.conf NOTE: It's currently impossible to have multiple entries of the same key in the settings.
Default value: {}
manage_user_conf
Data type: Boolean
Should user service manager configurations be managed
Default value: false
user_settings
Data type: Systemd::ServiceManagerSettings
Config Hash that is used to configure settings in user.conf NOTE: It's currently impossible to have multiple entries of the same key in the settings.
Default value: {}
systemd::tmpfiles
Update the systemd temp files
- See also
- systemd-tmpfiles(8)
Parameters
The following parameters are available in the systemd::tmpfiles
class:
operations
Data type: Array[Enum['create','clean','remove']]
The operations to perform on the systemd tempfiles
- All operations may be combined but you'll probably only ever want to
use
create
Default value: ['create']
Defined types
systemd::daemon_reload
Run systemctl daemon-reload
Examples
Force reload the system systemd
notify{ 'fake event to notify from':
notify => Systemd::Daemon_reload['special']
}
systemd::daemon_reload{ 'special': }
Force reload a systemd --user
notify{ 'fake event to notify from':
notify => Systemd::Daemon_reload['steve_user']
}
systemd::daemon_reload{ 'steve_user':
user => 'steve',
}
Parameters
The following parameters are available in the systemd::daemon_reload
defined type:
name
A globally unique name for the resource
enable
Data type: Boolean
Enable the reload exec
- Added in case users want to disable the reload globally using a resource collector
Default value: true
user
Data type: Optional[String[1]]
Specify user name of systemd --user
to reload. This not supported below Redhat 9,
Ubuntu 22.04 or Debian 12.
Default value: undef
systemd::dropin_file
Creates a drop-in file for a systemd unit
- See also
- systemd.unit(5)
Parameters
The following parameters are available in the systemd::dropin_file
defined type:
unit
filename
ensure
path
selinux_ignore_defaults
content
source
target
owner
group
mode
show_diff
notify_service
daemon_reload
unit
Data type: Systemd::Unit
The target unit file to create
filename
Data type: Systemd::Dropin
The filename of the drop in. The full path is determined using the path, unit and this filename.
Default value: $name
ensure
Data type: Enum['present', 'absent', 'file']
the state of this dropin file
Default value: 'present'
path
Data type: Stdlib::Absolutepath
The main systemd configuration path
Default value: '/etc/systemd/system'
selinux_ignore_defaults
Data type: Boolean
If Puppet should ignore the default SELinux labels.
Default value: false
content
Data type: Optional[Variant[String,Sensitive[String]]]
The full content of the unit file (Mutually exclusive with $source
)
Default value: undef
source
Data type: Optional[String]
The File
resource compatible source
Mutually exclusive with $content
Default value: undef
target
Data type: Optional[Stdlib::Absolutepath]
If set, will force the file to be a symlink to the given target (Mutually exclusive with both $source
and $content
Default value: undef
owner
Data type: String
The owner to set on the dropin file
Default value: 'root'
group
Data type: String
The group to set on the dropin file
Default value: 'root'
mode
Data type: String
The mode to set on the dropin file
Default value: '0444'
show_diff
Data type: Boolean
Whether to show the diff when updating dropin file
Default value: true
notify_service
Data type: Boolean
Notify a service for the unit, if it exists
Default value: true
daemon_reload
Data type: Boolean
Call systemd::daemon_reload
Default value: true
systemd::manage_dropin
Creates a drop-in file for a systemd unit from a template
- See also
- systemd.unit(5)
Examples
drop in file to change Type and override ExecStart
systemd::manage_dropin { 'myconf.conf':
ensure => present,
unit => 'myservice.service',
service_entry => {
'Type' => 'oneshot',
'ExecStart' => ['', '/usr/bin/doit.sh'],
},
}
drop in file to change a path unit and override TriggerLimitBurst
systemd::manage_dropin { 'triggerlimit.conf':
ensure => present,
unit => 'passwd.path',
path_entry => {
'TriggerLimitBurst' => 100,
},
}
drop in file to override the LimitCORE for a service
systemd::manage_dropin { 'corelimit.conf':
ensure => present,
unit => 'rsyslog.conf',
path_entry => {
'LimitCORE' => 'infinity',
},
}
make a noisy unit less noisy
systemd::manage_dropin { 'maxloglevel.conf':
ensure => present,
unit => 'chatty.service',
service_entry => {
'LogLevelMax' => 'warning',
}
}
have a unit instance auto run before user-.service
systemd::manage_dropin { 'user-aklog.conf':
unit => 'user@.service',
unit_entry => {
'After' => 'user-aklog@%i.service',
'Requires' => 'user-aklog@%i.service'
}
}
set memory limits on the user slices
systemd::manage_dropin { 'userlimits.conf':
unit => 'user-.slice',
slice_entry => {
MemoryMax => '10G',
MemoryAccounting => true,
}
}
set IO limits on two devices
systemd::manage_dropin { 'devicelimits.conf':
unit => 'special.service',
service_entry => {
'IOReadIOPSMax' => [
['/dev/afs',100],
['/dev/gluster','1000K'],
],
},
}
Parameters
The following parameters are available in the systemd::manage_dropin
defined type:
unit
filename
ensure
path
selinux_ignore_defaults
owner
group
mode
show_diff
notify_service
daemon_reload
unit_entry
slice_entry
service_entry
install_entry
timer_entry
path_entry
socket_entry
mount_entry
swap_entry
unit
Data type: Systemd::Unit
The unit to create a dropfile for
filename
Data type: Systemd::Dropin
The target unit file to create. The filename of the drop in. The full path is determined using the path, unit and this filename.
Default value: $name
ensure
Data type: Enum['present', 'absent']
The state of this dropin file
Default value: 'present'
path
Data type: Stdlib::Absolutepath
The main systemd configuration path
Default value: '/etc/systemd/system'
selinux_ignore_defaults
Data type: Boolean
If Puppet should ignore the default SELinux labels
Default value: false
owner
Data type: String
The owner to set on the dropin file
Default value: 'root'
group
Data type: String
The group to set on the dropin file
Default value: 'root'
mode
Data type: Stdlib::Filemode
The mode to set on the dropin file
Default value: '0444'
show_diff
Data type: Boolean
Whether to show the diff when updating dropin file
Default value: true
notify_service
Data type: Boolean
Notify a service for the unit, if it exists
Default value: false
daemon_reload
Data type: Boolean
Call systemd::daemon_reload
Default value: true
unit_entry
Data type: Optional[Systemd::Unit::Unit]
key value pairs for [Unit] section of the unit file
Default value: undef
slice_entry
Data type: Optional[Systemd::Unit::Slice]
key value pairs for [Slice] section of the unit file
Default value: undef
service_entry
Data type: Optional[Systemd::Unit::Service]
key value pairs for [Service] section of the unit file
Default value: undef
install_entry
Data type: Optional[Systemd::Unit::Install]
key value pairs for [Install] section of the unit file
Default value: undef
timer_entry
Data type: Optional[Systemd::Unit::Timer]
key value pairs for [Timer] section of the unit file
Default value: undef
path_entry
Data type: Optional[Systemd::Unit::Path]
key value pairs for [Path] section of the unit file
Default value: undef
socket_entry
Data type: Optional[Systemd::Unit::Socket]
key value pairs for the [Socket] section of the unit file
Default value: undef
mount_entry
Data type: Optional[Systemd::Unit::Mount]
key value pairs for the [Mount] section of the unit file
Default value: undef
swap_entry
Data type: Optional[Systemd::Unit::Swap]
key value pairs for the [Swap] section of the unit file
Default value: undef
systemd::manage_unit
Generate unit file from template
- See also
- systemd.unit(5)
Examples
Generate a service
systemd::manage_unit { 'myrunner.service':
unit_entry => {
'Description' => 'My great service',
},
service_entry => {
'Type' => 'oneshot',
'ExecStart' => '/usr/bin/doit.sh',
},
install_entry => {
'WantedBy' => 'multi-user.target',
},
}
Genenerate a path unit
systemd::manage_unit { 'passwd-mon.path':
ensure => present,
unit_entry => {
'Description' => 'Monitor the passwd file',
},
path_entry => {
'PathModified' => '/etc/passwd',
'Unit' => 'passwd-mon.service',
},
install_entry => {
'WantedBy' => 'multi-user.target',
},
}
Generate a socket and service (xinetd style)
systemd::manage_unit {'arcd.socket':
ensure => 'present',
unit_entry => {
'Description' => 'arcd.service',
},
socket_entry => {
'ListenStream' => 4241,
'Accept' => true,
'BindIPv6Only' => 'both',
},
install_entry => {
'WantedBy' => 'sockets.target',
},
}
systemd::manage_unit{'arcd@.service':
ensure => 'present',
enable => true,
active => true,
unit_entry => {
'Description' => 'arc sever for %i',
},
service_entry => {
'Type' => 'simple',
'ExecStart' => /usr/sbin/arcd /usr/libexec/arcd/arcd.pl,
'StandardInput' => 'socket',
},
}
Mount a Filesystem and Use for a Service
systemd::manage_unit { 'var-lib-sss-db.mount':
ensure => present,
unit_entry => {
'Description' => 'Mount sss tmpfs db',
},
mount_entry => {
'What' => 'tmpfs',
'Where' => '/var/lib/sss/db',
'Type' => 'tmpfs',
'Options' => 'size=300M,mode=0700,uid=sssd,gid=sssd,rootcontext=system_u:object_r:sssd_var_lib_t:s0',
},
}
systemd::manage_dropin { 'tmpfs-db.conf':
ensure => present,
unit => 'sssd.service',
unit_entry => {
'RequiresMountsFor' => '/var/lib/sss/db',
},
}
Create and Mount a Swap File
systemd::manage_unit{'swapfile.swap':
ensure => present,
enable => true,
active => true,
unit_entry => {
'Description' => 'Mount /swapfile as a swap file',
'After' => 'mkswap.service',
'Requires' => 'mkswap.service',
},
swap_entry => {
'What' => '/swapfile',
},
install_entry => {
'WantedBy' => 'multi-user.target',
},
require => Systemd::Manage_unit['mkswap.service'],
}
systemd::manage_unit{'mkswap.service':
ensure => present,
unit_entry => {
'Description' => 'Format a swapfile at /swapfile',
'ConditionPathExists' => '!/swapfile',
},
service_entry => {
'Type' => 'oneshot',
'UMask' => '0177',
'ExecStart' => [
'/usr/bin/dd if=/dev/zero of=/swapfile bs=1024 count=1000',
'/usr/sbin/mkswap /swapfile',
],
},
}
Remove a unit file
systemd::manage_unit { 'my.service':
ensure => 'absent',
}
Parameters
The following parameters are available in the systemd::manage_unit
defined type:
name
ensure
path
owner
group
mode
show_diff
enable
active
restart
selinux_ignore_defaults
service_parameters
daemon_reload
service_restart
unit_entry
slice_entry
service_entry
install_entry
timer_entry
path_entry
socket_entry
mount_entry
swap_entry
name
Data type: Pattern['^[^/]+\.(service|socket|device|mount|automount|swap|target|path|timer|slice|scope)$']
The target unit file to create
ensure
Data type: Enum['present', 'absent']
The state of the unit file to ensure
Default value: 'present'
path
Data type: Stdlib::Absolutepath
The main systemd configuration path
Default value: '/etc/systemd/system'
owner
Data type: String
The owner to set on the unit file
Default value: 'root'
group
Data type: String
The group to set on the unit file
Default value: 'root'
mode
Data type: Stdlib::Filemode
The mode to set on the unit file
Default value: '0444'
show_diff
Data type: Boolean
Whether to show the diff when updating unit file
Default value: true
enable
Data type: Optional[Variant[Boolean, Enum['mask']]]
If set, manage the unit enablement status
Default value: undef
active
Data type: Optional[Boolean]
If set, will manage the state of the unit
Default value: undef
restart
Data type: Optional[String]
Specify a restart command manually. If left unspecified, a standard Puppet service restart happens
Default value: undef
selinux_ignore_defaults
Data type: Boolean
maps to the same param on the file resource for the unit. false in the module because it's false in the file resource type
Default value: false
service_parameters
Data type: Hash[String[1], Any]
hash that will be passed with the splat operator to the service resource
Default value: {}
daemon_reload
Data type: Boolean
call systemd::daemon-reload
to ensure that the modified unit file is loaded
Default value: true
service_restart
Data type: Boolean
restart (notify) the service when unit file changed
Default value: true
unit_entry
Data type: Optional[Systemd::Unit::Unit]
key value pairs for [Unit] section of the unit file.
Default value: undef
slice_entry
Data type: Optional[Systemd::Unit::Slice]
key value pairs for [Slice] section of the unit file
Default value: undef
service_entry
Data type: Optional[Systemd::Unit::Service]
key value pairs for [Service] section of the unit file.
Default value: undef
install_entry
Data type: Optional[Systemd::Unit::Install]
key value pairs for [Install] section of the unit file.
Default value: undef
timer_entry
Data type: Optional[Systemd::Unit::Timer]
key value pairs for [Timer] section of the unit file
Default value: undef
path_entry
Data type: Optional[Systemd::Unit::Path]
key value pairs for [Path] section of the unit file.
Default value: undef
socket_entry
Data type: Optional[Systemd::Unit::Socket]
kev value paors for [Socket] section of the unit file.
Default value: undef
mount_entry
Data type: Optional[Systemd::Unit::Mount]
kev value pairs for [Mount] section of the unit file.
Default value: undef
swap_entry
Data type: Optional[Systemd::Unit::Swap]
kev value pairs for [Swap] section of the unit file.
Default value: undef
systemd::modules_load
Creates a modules-load.d drop file
- See also
- modules-load.d(5)
Examples
load a module
systemd::modules_load { 'impi.conf':
content => "ipmi\n",
}
override /lib/modules-load.d/myservice.conf in /etc/modules-load.d/myservice.conf
systemd::modules_load { 'myservice.conf':
content => "# Cancel system version of the file\n",
}
Parameters
The following parameters are available in the systemd::modules_load
defined type:
filename
Data type: Systemd::Dropin
The name of the modules-load.d file to create
Default value: $name
ensure
Data type: Enum['present', 'absent', 'file']
Whether to drop a file or remove it
Default value: 'file'
path
Data type: Stdlib::Absolutepath
The path to the main systemd modules-load.d directory
Default value: '/etc/modules-load.d'
content
Data type: Optional[String[1]]
The literal content to write to the file
- Mutually exclusive with
$source
Default value: undef
source
Data type: Optional[String[1]]
A File
resource compatible source
- Mutually exclusive with
$content
Default value: undef
systemd::network
Creates network config for systemd-networkd
Parameters
The following parameters are available in the systemd::network
defined type:
ensure
Data type: Enum['file', 'absent']
configure if the file should be configured or deleted
Default value: file
path
Data type: Stdlib::Absolutepath
directory where the network configs are stored
Default value: '/etc/systemd/network'
content
Data type: Optional[String]
the content of the file
Default value: undef
source
Data type: Optional[String]
a path to a file that's used as source
Default value: undef
target
Data type: Optional[Stdlib::Absolutepath]
optional absolute path in case the file should be stored somewhere else
Default value: undef
owner
Data type: String
the user who owns the file
Default value: 'root'
group
Data type: String
the group that owns the file
Default value: 'root'
mode
Data type: String
the mode of the file
Default value: '0444'
show_diff
Data type: Boolean
whether the file diff should be shown on modifications
Default value: true
restart_service
Data type: Boolean
whether systemd-networkd should be restarted on changes, defaults to true. $systemd::manage_networkd
needs to be true as well
Default value: true
systemd::service_limits
Deprecated - Adds a set of custom limits to the service
- See also
- systemd.exec(5)
Parameters
The following parameters are available in the systemd::service_limits
defined type:
name
Data type: Pattern['^.+\.(service|socket|mount|swap)$']
The name of the service that you will be modifying
ensure
Data type: Enum['present', 'absent', 'file']
Whether to drop a file or remove it
Default value: 'present'
path
Data type: Stdlib::Absolutepath
The path to the main systemd settings directory
Default value: '/etc/systemd/system'
selinux_ignore_defaults
Data type: Boolean
If Puppet should ignore the default SELinux labels.
Default value: false
limits
Data type: Optional[Systemd::ServiceLimits]
A Hash of service limits matching the settings in systemd.exec(5)
- Mutually exclusive with
$source
Default value: undef
source
Data type: Optional[String]
A File
resource compatible source
- Mutually exclusive with
$limits
Default value: undef
restart_service
Data type: Boolean
Unused parameter for compatibility with older versions. Will fail if true is passed in.
Default value: false
systemd::timer
Create a timer and optionally a service unit to execute with the timer unit
- See also
- https://www.freedesktop.org/software/systemd/man/systemd.timer.html
- systemd.timer(5)
- https://www.freedesktop.org/software/systemd/man/systemd.timer.html
Parameters
The following parameters are available in the systemd::timer
defined type:
name
path
timer_content
timer_source
service_content
service_source
owner
group
mode
show_diff
service_unit
active
enable
ensure
daemon_reload
name
Data type: Pattern['^.+\.timer$]
The target of the timer unit to create
path
Data type: Stdlib::Absolutepath
The main systemd configuration path
Default value: '/etc/systemd/system'
timer_content
Data type: Optional[String[1]]
The full content of the timer unit file
- Mutually exclusive with
$timer_source
Default value: undef
timer_source
Data type: Optional[String[1]]
The File
resource compatible source
- Mutually exclusive with
$timer_content
Default value: undef
service_content
Data type: Optional[String[1]]
The full content of the service unit file
- Mutually exclusive with
$service_source
Default value: undef
service_source
Data type: Optional[String[1]]
The File
resource compatible source
- Mutually exclusive with
$service_content
Default value: undef
owner
Data type: String[1]
The owner to set on the dropin file
Default value: 'root'
group
Data type: String[1]
The group to set on the dropin file
Default value: 'root'
mode
Data type: Stdlib::Filemode
The mode to set on the dropin file
Default value: '0444'
show_diff
Data type: Boolean
Whether to show the diff when updating dropin file
Default value: true
service_unit
Data type: Optional[Systemd::Unit]
If set then the service_unit will have this name. If not set the service unit has the same name as the timer unit with s/.timer/.service/
Default value: undef
active
Data type: Optional[Boolean]
If set to true or false the timer service will be maintained. If true the timer service will be running and enabled, if false it will explicitly stopped and disabled.
Default value: undef
enable
Data type: Optional[Variant[Boolean, Enum['mask']]]
If set, will manage the state of the unit.
Default value: undef
ensure
Data type: Enum['present', 'absent', 'file']
Defines the desired state of the timer
Default value: 'present'
daemon_reload
Data type: Boolean
Call systemd::daemon_reload
Default value: true
systemd::timer_wrapper
Helper to define timer and accompanying services for a given task (cron like interface).
Examples
Create a timer that runs every 5 minutes
systemd::timer_wrapper { 'my_timer':
ensure => 'present',
command => '/usr/bin/echo "Hello World"',
on_calendar => '*:0/5',
}
Create a timer with overrides for the service and timer
systemd::timer_wrapper { 'my_timer':
ensure => 'present',
command => '/usr/bin/echo "Hello World"',
on_calendar => '*:0/5',
service_overrides => { 'Group' => 'nobody' },
timer_overrides => { 'OnBootSec' => '10' },
}
Create a timer with overrides for the service_unit and timer_unit
systemd::timer_wrapper { 'my_timer':
ensure => 'present',
command => '/usr/bin/echo "Hello World"',
on_calendar => '*:0/5',
service_unit_overrides => { 'Wants' => 'network-online.target' },
timer_unit_overrides => { 'Description' => 'Very special timer' },
}
Parameters
The following parameters are available in the systemd::timer_wrapper
defined type:
ensure
command
user
on_active_sec
on_boot_sec
on_start_up_sec
on_unit_active_sec
on_unit_inactive_sec
on_calendar
service_overrides
timer_overrides
service_unit_overrides
timer_unit_overrides
ensure
Data type: Enum['present', 'absent']
whether the timer and service should be present or absent
command
Data type: Optional[Systemd::Unit::Service::Exec]
the command for the systemd servie to execute
Default value: undef
user
Data type: Optional[String[1]]
the user to run the command as
Default value: undef
on_active_sec
Data type: Optional[Systemd::Unit::Timespan]
run service relative to the time when the timer was activated
Default value: undef
on_boot_sec
Data type: Optional[Systemd::Unit::Timespan]
run service relative to when the machine was booted
Default value: undef
on_start_up_sec
Data type: Optional[Systemd::Unit::Timespan]
run service relative to when the service manager was started
Default value: undef
on_unit_active_sec
Data type: Optional[Systemd::Unit::Timespan]
run service relative to when the unit was last activated
Default value: undef
on_unit_inactive_sec
Data type: Optional[Systemd::Unit::Timespan]
run service relative to when the unit was last deactivated
Default value: undef
on_calendar
Data type: Optional[Systemd::Unit::Timespan]
the calendar event expressions time to run the service
Default value: undef
service_overrides
Data type: Systemd::Unit::Service
override for the[Service]
section of the service
Default value: {}
timer_overrides
Data type: Systemd::Unit::Timer
override for the[Timer]
section of the timer
Default value: {}
service_unit_overrides
Data type: Systemd::Unit::Unit
override for the[Unit]
section of the service
Default value: {}
timer_unit_overrides
Data type: Systemd::Unit::Unit
override for the [Unit]
section of the timer
Default value: {}
systemd::tmpfile
Creates a systemd tmpfile
- See also
- systemd-tmpfiles(8)
Parameters
The following parameters are available in the systemd::tmpfile
defined type:
filename
Data type: Systemd::Dropin
The name of the tmpfile to create
Default value: $name
ensure
Data type: Enum['present', 'absent', 'file']
Whether to drop a file or remove it
Default value: 'file'
path
Data type: Stdlib::Absolutepath
The path to the main systemd tmpfiles directory
Default value: '/etc/tmpfiles.d'
content
Data type: Optional[String]
The literal content to write to the file
- Mutually exclusive with
$source
Default value: undef
source
Data type: Optional[String]
A File
resource compatible source
- Mutually exclusive with
$limits
Default value: undef
systemd::udev::rule
Adds a custom udev rule
- See also
- udev(7)
Parameters
The following parameters are available in the systemd::udev::rule
defined type:
name
Data type: Pattern['^.+\.rules$']
The name of the udev rules to create
ensure
Data type: Enum['present', 'absent', 'file']
Whether to drop a file or remove it
Default value: 'file'
path
Data type: Stdlib::Absolutepath
The path to the main systemd settings directory
Default value: '/etc/udev/rules.d'
selinux_ignore_defaults
Data type: Boolean
If Puppet should ignore the default SELinux labels.
Default value: false
notify_services
Data type: Variant[Array[String[1]], String[1]]
List of services to notify when this rule is updated
Default value: []
rules
Data type: Array
The literal udev rules you want to deploy
Default value: []
systemd::unit_file
Creates a systemd unit file
- See also
- systemd.unit(5)
Examples
manage unit file + service
systemd::unit_file { 'foo.service':
content => file("${module_name}/foo.service"),
enable => true,
active => true,
}
Parameters
The following parameters are available in the systemd::unit_file
defined type:
name
ensure
path
content
source
target
owner
group
mode
show_diff
enable
active
restart
selinux_ignore_defaults
service_parameters
daemon_reload
service_restart
name
Data type: Pattern['^[^/]+\.(service|socket|device|mount|automount|swap|target|path|timer|slice|scope)$']
The target unit file to create
ensure
Data type: Enum['present', 'absent']
The state of the unit file to ensure
Default value: 'present'
path
Data type: Stdlib::Absolutepath
The main systemd configuration path
Default value: '/etc/systemd/system'
content
Data type: Optional[Variant[String, Sensitive[String], Deferred]]
The full content of the unit file
- Mutually exclusive with
$source
Default value: undef
source
Data type: Optional[String]
The File
resource compatible source
- Mutually exclusive with
$content
Default value: undef
target
Data type: Optional[Stdlib::Absolutepath]
If set, will force the file to be a symlink to the given target
- Mutually exclusive with both
$source
and$content
Default value: undef
owner
Data type: String
The owner to set on the unit file
Default value: 'root'
group
Data type: String
The group to set on the unit file
Default value: 'root'
mode
Data type: String
The mode to set on the unit file
Default value: '0444'
show_diff
Data type: Boolean
Whether to show the diff when updating unit file
Default value: true
enable
Data type: Optional[Variant[Boolean, Enum['mask']]]
If set, will manage the unit enablement status.
Default value: undef
active
Data type: Optional[Boolean]
If set, will manage the state of the unit.
Default value: undef
restart
Data type: Optional[String]
Specify a restart command manually. If left unspecified, a standard Puppet service restart happens.
Default value: undef
selinux_ignore_defaults
Data type: Boolean
maps to the same param on the file resource for the unit. false in the module because it's false in the file resource type
Default value: false
service_parameters
Data type: Hash[String[1], Any]
hash that will be passed with the splat operator to the service resource
Default value: {}
daemon_reload
Data type: Boolean
call systemd::daemon-reload
to ensure that the modified unit file is loaded
Default value: true
service_restart
Data type: Boolean
restart (notify) the service when unit file changed
Default value: true
systemd::user_service
Manage a user service running under systemd --user
Examples
Enable a service for all users
systemd::user_service { 'systemd-tmpfiles-clean.timer':
enable => true,
global => true,
}
Enable a particular user's service
systemd::user_service { 'podman-auto-update.timer':
ensure => true,
enable => true,
user => 'steve',
}
Notify a user's service to restart it
file{ '/home/steve/.config/systemd/user/podman-auto-update.timer':
ensure => file,
content => ...,
notify => Systemd::User_service['steve-podman-auto-update.timer']
}
systemd::user_service { 'steve-podman-auto-update.timer':
ensure => true,
enable => true,
unit => 'podman-auto-update.timer',
user => 'steve',
}
@param unit Unit name to work on
@param ensure Should the unit be started or stopped. Can only be true if user is specified.
@param enable Should the unit be enabled or disabled
@param user User name of user whose unit should be acted upon. Mutually exclusive with
@param global Act globally for all users. Mutually exclusibe with `user`.
Parameters
The following parameters are available in the systemd::user_service
defined type:
unit
Data type: Systemd::Unit
Default value: $title
ensure
Data type: Variant[Boolean,Enum['stopped','running']]
Default value: false
enable
Data type: Boolean
Default value: false
global
Data type: Boolean
Default value: false
user
Data type: Optional[String[1]]
Default value: undef
Resource types
loginctl_user
An arbitrary name used as the identity of the resource.
Properties
The following properties are available in the loginctl_user
type.
linger
Valid values: enabled
, disabled
Whether linger is enabled for the user.
Default value: disabled
Parameters
The following parameters are available in the loginctl_user
type.
name
namevar
An arbitrary name used as the identity of the resource.
provider
The specific backend to use for this loginctl_user
resource. You will seldom need to specify this --- Puppet will
usually discover the appropriate provider for your platform.
Functions
systemd::escape
Type: Puppet Language
Escape strings as systemd-escape does.
Examples
Escaping a string
$result = systemd::escape('foo::bar')
Escaping a path
$result = systemd::escape('/mnt/foobar',true)
systemd::escape(String[1] $input, Boolean $path = false)
The systemd::escape function.
Returns: String
String
Examples
Escaping a string
$result = systemd::escape('foo::bar')
Escaping a path
$result = systemd::escape('/mnt/foobar',true)
input
Data type: String[1]
Input string
path
Data type: Boolean
Use path (-p) ornon-path style escaping.
systemd::systemd_escape
Type: Ruby 4.x API
Escape strings by call the systemd-escape
command in the background.
systemd::systemd_escape(String $input, Optional[Optional[Boolean]] $path)
The systemd::systemd_escape function.
Returns: String
input
Data type: String
Input string
path
Data type: Optional[Optional[Boolean]]
Use path (-p) ornon-path style escaping.
Data types
Systemd::Boolean
Defines systemd boolean type representation
Alias of Variant[Systemd::Boolean::True, Systemd::Boolean::False]
Systemd::Boolean::False
Defines systemd boolean "false" type representation
Alias of Variant[Integer[0,0], Enum['no', 'false'], Boolean[false]]
Systemd::Boolean::True
Defines systemd boolean "true" type representation
Alias of Variant[Integer[1], Enum['yes', 'true'], Boolean[true]]
Systemd::Capabilities
Defines allowed capabilities
Alias of Variant[Pattern[/^~?(CAP_[A-Z_]+ *)+$/]]
Systemd::CoredumpSettings
Configurations for coredump.conf
Alias of
Struct[{
Optional['Storage'] => Enum['none', 'external', 'journal'],
Optional['Compress'] => Enum['yes','no'],
Optional['ProcessSizeMax'] => Systemd::Unit::Amount,
Optional['ExternalSizeMax'] => Systemd::Unit::Amount,
Optional['JournalSizeMax'] => Systemd::Unit::Amount,
Optional['MaxUse'] => Systemd::Unit::Amount,
Optional['KeepFree'] => Systemd::Unit::Amount,
}]
Systemd::Dropin
custom datatype that validates filenames/paths for valid systemd dropin files
Alias of Pattern['^[^/]+\.conf$']
Systemd::JournalRemoteSettings
matches Systemd journal remote config Struct
Alias of
Struct[{
Optional['Seal'] => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
Optional['SplitMode'] => Variant[Enum['host','none'],Systemd::JournaldSettings::Ensure],
Optional['ServerKeyFile'] => Variant[Stdlib::Unixpath,Systemd::JournaldSettings::Ensure],
Optional['ServerCertificateFile'] => Variant[Stdlib::Unixpath,Systemd::JournaldSettings::Ensure],
Optional['TrustedCertificateFile'] => Variant[Stdlib::Unixpath,Systemd::JournaldSettings::Ensure],
Optional['MaxUse'] => Variant[Systemd::Unit::Amount,Systemd::JournaldSettings::Ensure],
Optional['KeepFree'] => Variant[Systemd::Unit::Amount,Systemd::JournaldSettings::Ensure],
Optional['MaxFileSize'] => Variant[Systemd::Unit::Amount,Systemd::JournaldSettings::Ensure],
Optional['MaxFiles'] => Variant[Integer,Systemd::JournaldSettings::Ensure],
}]
Systemd::JournalUploadSettings
matches Systemd journal upload config Struct
Alias of
Struct[{
Optional['URL'] => Variant[Stdlib::HTTPUrl,Systemd::JournaldSettings::Ensure],
Optional['ServerKeyFile'] => Variant[Stdlib::Unixpath,Systemd::JournaldSettings::Ensure],
Optional['ServerCertificateFile'] => Variant[Stdlib::Unixpath,Systemd::JournaldSettings::Ensure],
Optional['TrustedCertificateFile'] => Variant[Stdlib::Unixpath,Systemd::JournaldSettings::Ensure],
Optional['NetworkTimeoutSec'] => Variant[Systemd::Unit::Timespan,Systemd::JournaldSettings::Ensure],
}]
Systemd::JournaldSettings
Matches Systemd journald config Struct
Alias of
Struct[{
Optional['Storage'] => Variant[Enum['volatile','persistent','auto','none'],Systemd::JournaldSettings::Ensure],
Optional['Compress'] => Variant[Enum['yes','no'], Systemd::Unit::Amount ,Systemd::JournaldSettings::Ensure],
Optional['Seal'] => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
Optional['SplitMode'] => Variant[Enum['uid','none'],Systemd::JournaldSettings::Ensure],
Optional['RateLimitInterval'] => Variant[Pattern[/^[0-9]+(s|min|h|ms|us)?$/],Systemd::JournaldSettings::Ensure],
Optional['RateLimitIntervalSec'] => Variant[Pattern[/^[0-9]+(s|min|h|ms|us)?$/],Systemd::JournaldSettings::Ensure],
Optional['RateLimitBurst'] => Variant[Integer[0], Pattern[/^[0-9]+$/],Systemd::JournaldSettings::Ensure],
Optional['SystemMaxUse'] => Variant[Systemd::Unit::AmountOrPercent,Systemd::JournaldSettings::Ensure],
Optional['SystemKeepFree'] => Variant[Systemd::Unit::AmountOrPercent,Systemd::JournaldSettings::Ensure],
Optional['SystemMaxFileSize'] => Variant[Systemd::Unit::AmountOrPercent,Systemd::JournaldSettings::Ensure],
Optional['SystemMaxFiles'] => Variant[Integer[0], Pattern[/^[0-9]+$/],Systemd::JournaldSettings::Ensure],
Optional['RuntimeMaxUse'] => Variant[Systemd::Unit::AmountOrPercent ,Systemd::JournaldSettings::Ensure],
Optional['RuntimeKeepFree'] => Variant[Systemd::Unit::AmountOrPercent ,Systemd::JournaldSettings::Ensure],
Optional['RuntimeMaxFileSize'] => Variant[Systemd::Unit::AmountOrPercent ,Systemd::JournaldSettings::Ensure],
Optional['RuntimeMaxFiles'] => Variant[Integer[0], Pattern[/^[0-9]+$/],Systemd::JournaldSettings::Ensure],
Optional['MaxFileSec'] => Variant[Pattern[/^[0-9]+(year|month|week|day|h|m)?$/],Systemd::JournaldSettings::Ensure],
Optional['MaxRetentionSec'] => Variant[Pattern[/^[0-9]+(year|month|week|day|h|m)?$/],Systemd::JournaldSettings::Ensure],
Optional['SyncIntervalSec'] => Variant[Pattern[/^[0-9]+(year|month|week|day|h|m)?$/],Systemd::JournaldSettings::Ensure],
Optional['ForwardToSyslog'] => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
Optional['ForwardToKMsg'] => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
Optional['ForwardToConsole'] => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
Optional['ForwardToWall'] => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
Optional['MaxLevelStore'] => Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'],Integer[0,7],Systemd::JournaldSettings::Ensure],
Optional['MaxLevelSyslog'] => Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'],Integer[0,7],Systemd::JournaldSettings::Ensure],
Optional['MaxLevelKMsg'] => Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'],Integer[0,7],Systemd::JournaldSettings::Ensure],
Optional['MaxLevelConsole'] => Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'],Integer[0,7],Systemd::JournaldSettings::Ensure],
Optional['MaxLevelWall'] => Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'],Integer[0,7],Systemd::JournaldSettings::Ensure],
Optional['ReadKMsg'] => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
Optional['TTYPath'] => Variant[Stdlib::Absolutepath,Systemd::JournaldSettings::Ensure],
Optional['LineMax'] => Variant[Systemd::Unit::Amount,Systemd::JournaldSettings::Ensure],
}]
Systemd::JournaldSettings::Ensure
defines allowed ensure states for systemd-journald settings
Alias of Struct[{ 'ensure' => Enum['present','absent'] }]
Systemd::LogLevel
Defines allowed log levels
Alias of Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'], Integer[0,7]]
Systemd::LogindSettings
Matches Systemd Login Manager Struct
Alias of
Struct[{
Optional['HandleHibernateKey'] => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
Optional['HandleLidSwitch'] => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
Optional['HandleLidSwitchDocked'] => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
Optional['HandleLidSwitchExternalPower'] => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
Optional['HandlePowerKey'] => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
Optional['HandleSuspendKey'] => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
Optional['HibernateKeyIgnoreInhibited'] => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
Optional['HoldoffTimeoutSec'] => Variant[Integer,Systemd::LogindSettings::Ensure],
Optional['IdleAction'] => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
Optional['IdleActionSec'] => Variant[Integer,Systemd::LogindSettings::Ensure],
Optional['InhibitDelayMaxSec'] => Variant[Integer,Systemd::LogindSettings::Ensure],
Optional['InhibitorsMax'] => Variant[Integer,Systemd::LogindSettings::Ensure],
Optional['KillExcludeUsers'] => Variant[Array[String],Systemd::LogindSettings::Ensure],
Optional['KillOnlyUsers'] => Variant[Array[String],Systemd::LogindSettings::Ensure],
Optional['KillUserProcesses'] => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
Optional['LidSwitchIgnoreInhibited'] => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
Optional['NAutoVTs'] => Variant[Integer,Systemd::LogindSettings::Ensure],
Optional['PowerKeyIgnoreInhibited'] => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
Optional['RemoveIPC'] => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
Optional['ReserveVT'] => Variant[Integer,Systemd::LogindSettings::Ensure],
Optional['RuntimeDirectorySize'] => Variant[Systemd::Unit::AmountOrPercent ,Systemd::LogindSettings::Ensure],
Optional['SessionsMax'] => Variant[Systemd::Unit::Amount,Systemd::LogindSettings::Ensure],
Optional['SuspendKeyIgnoreInhibited'] => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
Optional['UserTasksMax'] => Variant[Systemd::Unit::Amount,Systemd::LogindSettings::Ensure],
Optional['StopIdleSessionSec'] => Variant[Systemd::Unit::Amount,Systemd::LogindSettings::Ensure]
}]
Systemd::LogindSettings::Ensure
defines allowed ensure states for systemd-logind settings
Alias of Struct[{ 'ensure' => Enum['present','absent'] }]
Systemd::MachineInfoSettings
Matches Systemd machine-info (hostnamectl) file Struct
Alias of
Struct[{
Optional['PRETTY_HOSTNAME'] => String[1],
Optional['ICON_NAME'] => String[1],
Optional['CHASSIS'] => String[1],
Optional['DEPLOYMENT'] => String[1],
Optional['LOCATION'] => String[1],
Optional['HARDWARE_VENDOR'] => String[1],
Optional['HARDWARE_MODEL'] => String[1],
}]
Systemd::OomdSettings
Configurations for oomd.conf
Alias of
Struct[{
Optional['SwapUsedLimit'] => Pattern[/^[0-9]+[%|‰|‱]$/],
Optional['DefaultMemoryPressureLimit'] => Pattern[/^[0-9]+%$/],
Optional['DefaultMemoryPressureDurationSec'] => Integer[0],
}]
Systemd::Output
Used in DefaultStandardOutput/DefaultStandardError e.g.
Alias of Enum['inherit', 'null', 'tty', 'journal', 'journal+console', 'kmsg', 'kmsg+console']
Systemd::ServiceLimits
Deprecated - Matches Systemd Service Limit Struct
Alias of
Struct[{
Optional['LimitCPU'] => Pattern['^\d+(s|m|h|d|w|M|y)?(:\d+(s|m|h|d|w|M|y)?)?$'],
Optional['LimitFSIZE'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
Optional['LimitDATA'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
Optional['LimitSTACK'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
Optional['LimitCORE'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
Optional['LimitRSS'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
Optional['LimitNOFILE'] => Variant[Integer[-1],Pattern['^(infinity|\d+(:(infinity|\d+))?)$']],
Optional['LimitAS'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
Optional['LimitNPROC'] => Variant[Integer[-1],Pattern['^(infinity|\d+(:(infinity|\d+))?)$']],
Optional['LimitMEMLOCK'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
Optional['LimitLOCKS'] => Integer[1],
Optional['LimitSIGPENDING'] => Integer[1],
Optional['LimitMSGQUEUE'] => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
Optional['LimitNICE'] => Variant[Integer[0,40], Pattern['^(-\+([0-1]?[0-9]|20))|([0-3]?[0-9]|40)$']],
Optional['LimitRTPRIO'] => Integer[0],
Optional['LimitRTTIME'] => Pattern['^\d+(ms|s|m|h|d|w|M|y)?(:\d+(ms|s|m|h|d|w|M|y)?)?$'],
Optional['CPUAccounting'] => Boolean,
Optional['CPUShares'] => Integer[2,262144],
Optional['StartupCPUShares'] => Integer[2,262144],
Optional['CPUQuota'] => Pattern['^([1-9][0-9]*)%$'],
Optional['MemoryAccounting'] => Boolean,
Optional['MemoryLow'] => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
Optional['MemoryMin'] => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
Optional['MemoryHigh'] => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
Optional['MemoryMax'] => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
Optional['MemoryLimit'] => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
Optional['MemorySwapMax'] => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
Optional['TasksAccounting'] => Boolean,
Optional['TasksMax'] => Variant[Integer[1],Pattern['^(infinity|([1-9][0-9]?$|^100)%)$']],
Optional['IOAccounting'] => Boolean,
Optional['IOWeight'] => Integer[1,10000],
Optional['StartupIOWeight'] => Integer[1,10000],
Optional['IODeviceWeight'] => Array[Hash[Stdlib::Absolutepath, Integer[1,10000], 1, 1]],
Optional['IOReadBandwidthMax'] => Array[Hash[Stdlib::Absolutepath, Pattern['^(\d+(K|M|G|T)?)$'], 1, 1]],
Optional['IOWriteBandwidthMax'] => Array[Hash[Stdlib::Absolutepath, Pattern['^(\d+(K|M|G|T)?)$'], 1, 1]],
Optional['IOReadIOPSMax'] => Array[Hash[Stdlib::Absolutepath, Pattern['^(\d+(K|M|G|T)?)$'], 1, 1]],
Optional['IOWriteIOPSMax'] => Array[Hash[Stdlib::Absolutepath, Pattern['^(\d+(K|M|G|T)?)$'], 1, 1]],
Optional['DeviceAllow'] => String[1],
Optional['DevicePolicy'] => Enum['auto','closed','strict'],
Optional['Slice'] => String[1],
Optional['Delegate'] => Boolean,
Optional['OOMScoreAdjust'] => Integer[-1000,1000]
}]
Systemd::ServiceManagerSettings
NOTE: Systemd::SettingEnsure here allows to delete the setting from the INI file. See the example below for Hiera:
systemd::system_settings:
LogLevel:
ensure: absent
Alias of
Struct[{
Optional['LogLevel'] => Variant[Systemd::LogLevel, Systemd::SettingEnsure],
Optional['LogTarget'] => Variant[Enum['console','console-prefixed','kmsg','journal','journal-or-kmsg','auto','null'], Systemd::SettingEnsure],
Optional['LogColor'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
Optional['LogLocation'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
Optional['LogTime'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
Optional['DumpCore'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
Optional['ShowStatus'] => Variant[Systemd::Boolean, Enum['auto','error'], Systemd::SettingEnsure],
Optional['CrashChangeVT'] => Variant[Systemd::Boolean, Integer[1,63], Systemd::SettingEnsure],
Optional['CrashShell'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
Optional['CrashReboot'] => Variant[Systemd::Boolean, Systemd::SettingEnsure], # Obsoleted by CrashAction in v256, delete after Debian 12 EOL
Optional['CrashAction'] => Variant[Enum['freeze', 'reboot', 'poweroff'], Systemd::SettingEnsure],
Optional['CtrlAltDelBurstAction'] => Variant[Enum['reboot-force','poweroff-force','reboot-immediate','poweroff-immediate','none'], Systemd::SettingEnsure],
Optional['CPUAffinity'] => Variant[Enum['numa'], Pattern['^[0-9, -]+$'], Systemd::SettingEnsure],
Optional['NUMAPolicy'] => Variant[Enum['default','preferred','bind','interleave','local'], Systemd::SettingEnsure],
Optional['NUMAMask'] => Variant[Enum['all'], Pattern['^[0-9, -]+$'], Systemd::SettingEnsure],
Optional['RuntimeWatchdogSec'] => Variant[Enum['off','default'], Systemd::Timespan, Systemd::SettingEnsure],
Optional['RuntimeWatchdogPreSec'] => Variant[Enum['off'], Systemd::Timespan, Systemd::SettingEnsure],
Optional['RuntimeWatchdogPreGovernor'] => Variant[Enum['noop', 'panic'], String[1], Systemd::SettingEnsure],
Optional['RebootWatchdogSec'] => Variant[Enum['off','default'], Systemd::Timespan, Systemd::SettingEnsure],
Optional['KExecWatchdogSec'] => Variant[Enum['off','default'], Systemd::Timespan, Systemd::SettingEnsure],
Optional['WatchdogDevice'] => Variant[Stdlib::Absolutepath, Systemd::SettingEnsure],
Optional['CapabilityBoundingSet'] => Variant[Systemd::Capabilities, Systemd::SettingEnsure],
Optional['NoNewPrivileges'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
Optional['ProtectSystem'] => Variant[Enum['auto'], Systemd::Boolean, Systemd::SettingEnsure],
Optional['SystemCallArchitectures'] => Variant[String[1], Systemd::SettingEnsure],
Optional['TimerSlackNSec'] => Variant[Systemd::Timespan, Systemd::SettingEnsure],
Optional['StatusUnitFormat'] => Variant[Enum['combined','description','name'], Systemd::SettingEnsure],
Optional['DefaultTimerAccuracySec'] => Variant[Systemd::Timespan, Systemd::SettingEnsure],
Optional['DefaultStandardOutput'] => Variant[Systemd::Output, Systemd::SettingEnsure],
Optional['DefaultStandardError'] => Variant[Systemd::Output, Systemd::SettingEnsure],
Optional['DefaultTimeoutStartSec'] => Variant[Systemd::Timespan, Systemd::SettingEnsure],
Optional['DefaultTimeoutStopSec'] => Variant[Systemd::Timespan, Systemd::SettingEnsure],
Optional['DefaultTimeoutAbortSec'] => Variant[Systemd::Timespan, Systemd::SettingEnsure],
Optional['DefaultDeviceTimeoutSec'] => Variant[Systemd::Timespan, Systemd::SettingEnsure],
Optional['DefaultRestartSec'] => Variant[Systemd::Timespan, Systemd::SettingEnsure],
Optional['DefaultStartLimitIntervalSec'] => Variant[Enum['infinity'], Systemd::Timespan, Systemd::SettingEnsure],
Optional['DefaultStartLimitBurst'] => Variant[Integer[0], Systemd::SettingEnsure],
Optional['DefaultEnvironment'] => Variant[String, Systemd::SettingEnsure],
Optional['ManagerEnvironment'] => Variant[String, Systemd::SettingEnsure],
Optional['DefaultCPUAccounting'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
Optional['DefaultBlockIOAccounting'] => Variant[Systemd::Boolean, Systemd::SettingEnsure], # Deprecated in v252. Delete after Debian 11 EOL
Optional['DefaultIOAccounting'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
Optional['DefaultIPAccounting'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
Optional['DefaultMemoryAccounting'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
Optional['DefaultTasksAccounting'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
Optional['DefaultTasksMax'] => Variant[Enum['infinity'], Integer[0], Systemd::Unit::Percent, Systemd::SettingEnsure],
Optional['DefaultLimitCPU'] => Variant[Enum['infinity'], Pattern['^\d+(s|m|h|d|w|M|y)?(:\d+(s|m|h|d|w|M|y)?)?$'], Systemd::SettingEnsure],
Optional['DefaultLimitFSIZE'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
Optional['DefaultLimitDATA'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
Optional['DefaultLimitSTACK'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
Optional['DefaultLimitCORE'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
Optional['DefaultLimitRSS'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
Optional['DefaultLimitNOFILE'] => Variant[Integer[-1], Pattern['^(infinity|\d+(:(infinity|\d+))?)$'], Systemd::SettingEnsure],
Optional['DefaultLimitAS'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
Optional['DefaultLimitNPROC'] => Variant[Integer[-1],Pattern['^(infinity|\d+(:(infinity|\d+))?)$'], Systemd::SettingEnsure],
Optional['DefaultLimitMEMLOCK'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
Optional['DefaultLimitLOCKS'] => Variant[Integer[1], Systemd::SettingEnsure],
Optional['DefaultLimitSIGPENDING'] => Variant[Integer[1], Systemd::SettingEnsure],
Optional['DefaultLimitMSGQUEUE'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
Optional['DefaultLimitNICE'] => Variant[Integer[0,40], Pattern['^(-\+([0-1]?[0-9]|20))|([0-3]?[0-9]|40)$'], Systemd::SettingEnsure],
Optional['DefaultLimitRTPRIO'] => Variant[Integer[0], Systemd::SettingEnsure],
Optional['DefaultLimitRTTIME'] => Variant[Pattern['^\d+(ms|s|m|h|d|w|M|y)?(:\d+(ms|s|m|h|d|w|M|y)?)?$'], Systemd::SettingEnsure],
Optional['DefaultOOMPolicy'] => Variant[Enum['continue', 'stop','kill'], Systemd::SettingEnsure],
Optional['DefaultSmackProcessLabel'] => Variant[String, Systemd::SettingEnsure],
Optional['ReloadLimitIntervalSec'] => Variant[Enum['infinity'], Systemd::Timespan, Systemd::SettingEnsure],
Optional['ReloadLimitBurst'] => Variant[Integer[0], Systemd::SettingEnsure],
Optional['DefaultMemoryPressureWatch'] => Variant[Systemd::SettingEnsure],
Optional['DefaultMemoryPressureThresholdSec'] => Variant[Systemd::SettingEnsure],
}]
Systemd::SettingEnsure
Defines allowed ensure states for an ini_setting
Alias of Struct[{ 'ensure' => Enum['absent'] }]
Systemd::Timespan
Defines a timespan type
Alias of Variant[Integer[0], Pattern[/^([0-9]+ *(usec|us|msec|ms|seconds?|sec|s|minutes?|min|m|hours?|hr|h|days?|d|weeks?|w|months?|M|years?|y)? *)+$/]]
Systemd::Unit
custom datatype that validates different filenames for systemd units and unit templates
Alias of Pattern[/^[a-zA-Z0-9:\-_.\\@%]+\.(service|socket|device|mount|automount|swap|target|path|timer|slice|scope)$/]
Systemd::Unit::Amount
Systemd definition of amount, often bytes or united bytes Some man pages are lagging behind and only report support up to Tera. https://github.com/systemd/systemd/blob/main/src/basic/format-util.c shows support for Peta and Exa.
- See also
Alias of Variant[Integer[0], Pattern['\A(infinity|\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)\z']]
Systemd::Unit::AmountOrPercent
Systemd definition of amount, often bytes or united bytes
- See also
Alias of Variant[Systemd::Unit::Amount, Systemd::Unit::Percent]
Systemd::Unit::Install
Possible keys for the [Install] section of a unit file
Alias of
Struct[{
Optional['Alias'] => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
Optional['WantedBy'] => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
Optional['RequiredBy'] => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
Optional['Also'] => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
}]
Systemd::Unit::Mount
Possible keys for the [Mount] section of a unit file
Alias of
Struct[{
Optional['What'] => String[1],
Optional['Where'] => Stdlib::Unixpath,
Optional['Type'] => String[1],
Optional['Options'] => String[1],
Optional['SloppyOptions'] => Boolean,
Optional['LazyUnmount'] => Boolean,
Optional['ReadWriteOnly'] => Boolean,
Optional['ForceUnmount'] => Boolean,
Optional['DirectoryMode'] => Stdlib::Filemode,
Optional['TimeoutSec'] => String[0],
}]
Systemd::Unit::Path
Possible keys for the [Path] section of a unit file
Alias of
What are tasks?
Modules can contain tasks that take action outside of a desired state managed by Puppet. It’s perfect for troubleshooting or deploying one-off changes, distributing scripts to run across your infrastructure, or automating changes that need to happen in a particular order as part of an application deployment.
Tasks in this module release
Changelog
All notable changes to this project will be documented in this file. Each new release typically also includes the latest modulesync defaults. These should not affect the functionality of the module.
v8.0.0 (2024-11-26)
Breaking changes:
- Drop support for RHEL 7, CentOS 7/8, Fedora 38/39, VirtuozzoLinux 7 #496 (jay7x)
- Replace deprecated
shell_escape
function withstdlib::shell_escape
#480 (jormaster3k)
Implemented enhancements:
- Support management of Swap unit files #502 (traylenator)
- [Systemd::Unit::Service] add support for LogRateLimit* options #500 (veshij)
- Add Ubuntu 24.04 and Fedora 40 support #498 (jay7x)
- Manage {system,user}.conf values #495 (jay7x)
- Support Mount units for manage_unit or dropin types #490 (traylenator)
- Reload udev rules after change #485 (deric)
- add support for journal upload and remote server #482 (trefzer)
- allow service time settings to accept Integer values #475 (vchepkov)
- Allow
MemorySwapMax
be specified as a percentage #472 (traylenator) - Rework Red Hat resolved package list to be more future proof #468 (jcpunk)
Merged pull requests:
- README: fix path in example #489 (kenyon)
- Update readme to reflect changes in #485 #487 (deric)
- README.md: correct service limits example #476 (kenyon)
v7.1.0 (2024-06-03)
Implemented enhancements:
- add MemoryDenyWriteExecute to Systemd::Unit::Service type #465 (TheMeier)
- Allow setting a specific package name for systemd-oomd #464 (jcpunk)
- Add support for timezone and hardware clock #462 (jcpunk)
- fix typo in service_limits deprecation message #460 (saz)
- fix: refresh service only based on drop-in file changes #406 (shieldwed)
Closed issues:
- Deprecation of systemd::service_limits unexpectedly causes service restarts in some scenarios #463
Merged pull requests:
v7.0.0 (2024-04-26)
Breaking changes:
- remove
systemd::escape
usage fortimer_wrapper
#452 (TheMeier) - Drop EoL Debian 10 support #448 (bastelfreak)
- Use Stdlib::CreateResources type for hiera expansions #438 (traylenator)
- Deprecate
systemd::service_limits
#437 (traylenator) - Don't allow ensure=file anymore for systemd::unit_file #434 (baurmatt)
Implemented enhancements:
- Add
NetworkNamespacePath
to unit service #440 - Add hiera-friendly option to manage dropins #435
- Manage units running under
systemd --user
instance #446 (traylenator) - New parameters to manage systemd-nspawn #444 (traylenator)
- Support reload of instances of systemd --user #443 (traylenator)
- Add NetworkNamespacePath as a valid unit service configuration #441 (Valantin)
- Create manage_unit, manage_dropin types from hiera #436 (traylenator)
- Make service restart upon unit file change optional #433 (schustersv)
- remove resolved settings from config when changed to
absent
#429 (TheMeier) - Add parameter to manage /etc/udev/rules.d directory #428 (TheMeier)
systemd::unit_file
: Ensure link gets removed onensure => absent
#405 (baurmatt)
Fixed bugs:
- IODeviceWeight, IOReadIOPSMax, .. do not work in systemd::manage_unit or systemd::dropin_file #424
- Correctly interpolate variables in
service_limits
#449 (ekohl) - Correct typing for IOReadIOPSMax, IOWriteIOPSMax,... in systemd::manage_dropin #430 (traylenator)
Closed issues:
- Service not enabled on systemd::timer #391
- create systemd::path #370
- create services/timers for users #328
Merged pull requests:
- Fix typo #455 (deric)
- Add test case for interpolation bug in name of used types #450 (traylenator)
init
:service_limits
param: don't refer tocreate_resources
#439 (kenyon)
v6.6.0 (2024-03-08)
Implemented enhancements:
v6.5.0 (2024-03-06)
Implemented enhancements:
- Add possibility to setup limits for user sessions #417
- add a cron-like systemd::timer interface #374
- Use Systemd::Unit::Amount, Percent and AmountOrPercent #422 (traylenator)
- Support
[Slice]
in manage_unit and manage_dropin #420 (traylenator) - feat: add a cron like wrapper for timers #419 (TheMeier)
Fixed bugs:
- Allow CPUQuota to be greater than 100% #423 (traylenator)
Merged pull requests:
- Rename daemon_reload.rb to daemon_reload_spec.rb #418 (TheMeier)
- manage_unit: correct minor mistakes in examples #415 (zbentley)
v6.4.0 (2024-02-26)
Implemented enhancements:
- Support
StartLimitIntervalSec
andStartLimitBurst
#412 (traylenator) - unit type: add
ConditionPathIsMountPoint
#408 (fragfutter) - Allow percent (%) character in unit names. #401 (traylenator)
Fixed bugs:
- Support multiple Environment Settings #409 (traylenator)
- Deleting duplicate Key entries in types/unit/service.pp #407 (C24-AK)
- systemd::cache = false result was vague. #403 (traylenator)
v6.3.0 (2023-12-06)
Implemented enhancements:
Fixed bugs:
- Invalid option
MaxFree
incordedump.conf
#398 - Correct coredump parameter from
MaxFree
toKeepFree
#399 (traylenator)
v6.2.0 (2023-11-21)
Implemented enhancements:
- Add
UMask
toSystemd::Unit::Service
#393 (griggi-ws) - Add
StateDirectory
toSystemd::Unit::Service
#392 (henrixh)
v6.1.0 (2023-10-30)
Implemented enhancements:
- Add Debian 12 support #386 (bastelfreak)
- Add OracleLinux 9 support #385 (bastelfreak)
- Install systemd-networkd package, if any #380 (ekohl)
- Add more security related parameters to service #379 (lkck24)
- only accept socket_entry for socket units #376 (evgeni)
- Implement DNSStubListenerExtra for resolved.conf #371 (ekohl)
- Support Debian 12 #357 (traylenator)
Merged pull requests:
- Drop OracleLinux 7 from metadata.json #384 (bastelfreak)
v6.0.0 (2023-09-04)
Breaking changes:
- Drop Ubuntu 18.04 which went out of standard support in May 2023 #365 (simondeziel)
Implemented enhancements:
- Add ability to manage StopIdleSessionSec in logind.conf #369 (jasonknudsen)
- add PrivateTmp and RuntimeDirectory #368 (oOHenry)
- add ability to set limits with the systemd::manage_unit resource #367 (oOHenry)
- Remove support for Fedora 36 and add support for Fedora 38 #366 (simondeziel)
- Add Puppet 8 support #359 (bastelfreak)
Fixed bugs:
v5.2.0 (2023-07-13)
Implemented enhancements:
- Missing WorkingDirectory parameter on Systemd::Unit::Service #320
- Nice, IOSchedulingPriority and IOSchedulingClass #363 (traylenator)
- allow to set StandardInput on service unit #362 (oOHenry)
- Allow SupplementaryGroups and DynamicUser #358 (traylenator)
- Allow LogLevelMax to be set in [Service] #356 (traylenator)
Fixed bugs:
v5.1.0 (2023-06-15)
Implemented enhancements:
- Support StandardOutput, StandardError and RequiresMountsFor. #353 (traylenator)
- Allow WorkingDirectory to be specified in [Service] #352 (traylenator)
- Socket support for manage unit and dropin #350 (traylenator)
- Allow puppetlabs-stdlib 9.x #349 (smortex)
- No insistence on unit_entry ever or service_entry with absent manage_unit #345 (traylenator)
- Add comment in manage_unit deployed files #333 (traylenator)
Closed issues:
v5.0.0 (2023-06-01)
Breaking changes:
- Drop Puppet 6 support #342 (bastelfreak)
Implemented enhancements:
- Refactor unit template #344 (traylenator)
- Allow LimitCORE in [Service] for manage_unit/dropin #341 (traylenator)
- Allow SyslogIdentifier, KillMode and KillSignal to [service] section #339 (traylenator)
- Addition of path directives to manage_unit/dropin #337 (traylenator)
- Addition of timer directives to manage_unit and manage_dropin #335 (traylenator)
- Allow DefaultDependencies to be set in [Unit] section #334 (traylenator)
Closed issues:
- Increase inifile version in metadata to \< 7.0.0 #336
Merged pull requests:
- Increase inifile dependency upper version to \< 7.0.0 #338 (canihavethisone)
- Group spec expectations in a single example #331 (ekohl)
v4.2.0 (2023-04-18)
Implemented enhancements:
Merged pull requests:
- Stick to the Puppet language style guide in examples #327 (smortex)
- Fix
manage_unit
example in README.md #326 (Enucatl)
v4.1.0 (2023-03-31)
Implemented enhancements:
- Expand managed unit entry with User, Group + EnvironmentFile Array #323 (ekohl)
- Add timer_entry to manage_{dropin,unit} #322 (ekohl)
- add support for {AlmaLinux,Rocky} {8,9} #319 (jhoblitt)
Fixed bugs:
- Systemd::Unit::Service: missing User and Group #299
v4.0.1 (2023-01-31)
Fixed bugs:
- Revert udevadm and udev facts from #292 #316 (jhoblitt)
- systemd::timer: fix before's argument to use the proper syntax #315 (simondeziel)
v4.0.0 (2023-01-27)
Breaking changes:
- drop support for fedora 30 & 31 (EOL) #310 (jhoblitt)
- drop support for ubuntu 16.04 (EOL) #308 (jhoblitt)
- drop debian 9 support (EOL) #307 (jhoblitt)
- Remove debian 8 support #305 (traylenator)
- systemd::unit_file: remove hasrestart/hasstatus params #264 (bastelfreak)
- Remove restart_service on service_limits define #193 (ekohl)
Implemented enhancements:
- Revisit setting daemon-reload to true by default #284
- The module should have the ability to reload services that have outdated unit dropin files #282
- Add restart_service parameter on service_limits for compatibility #313 (ekohl)
- add support for fedora 36 & 37 #309 (jhoblitt)
- Allow MemorySwapMax to be specified as service limit #304 (traylenator)
- add udevadm & udev facts #292 (jhoblitt)
- Make Systemd::Unit type stricter #290 (traylenator)
- New systemd::manage_unit, systemd::manage_dropin types #288 (traylenator)
- Add support for Ubuntu 22.04 #278 (simondeziel)
- Notify services by default on drop in files #194 (ekohl)
Fixed bugs:
- systemd-timesyncd package should be managed, if required #294
- feat: manage timesyncd package on Debian >= 11 and Ubuntu >= 20.04 #296 (saz)
- resolved:
onlyif
snippet requires shell support #293 (simondeziel) - Correct docs for name var of systemd::dropin_file #289 (traylenator)
v3.10.0 (2022-06-20)
Implemented enhancements:
- systemd::timer: move variable definition close to where it is used #280 (simondeziel)
- Add comment hint about initrd for folks #279 (jcpunk)
- Fix systemctl daemon-reload after file additions #277 (trevor-vaughan)
- systemd::resolved: save readlink's value to avoid calling it twice #276 (simondeziel)
Fixed bugs:
- systemd::dropin_file doesn't cause a systemd daemon-reload #234
Merged pull requests:
- Minor wordsmithing in README #283 (op-ct)
- Correct spelling mistakes #275 (EdwardBetts)
v3.9.0 (2022-05-25)
Implemented enhancements:
- Add machine-info information management #272 (jcpunk)
- Add management of systemd-oomd #271 (jcpunk)
- Add parameter to manage default target #270 (jcpunk)
- Support Service Limits specified in Bytes #268 (optiz0r)
- Allows % and infinity for Memory Limits + Add MemoryMin #267 (SeanHood)
- Add CentOS 9 to supported operating systems #266 (kajinamit)
- Add function systemd::systemd_escape #243 (jkroepke)
Fixed bugs:
Closed issues:
- systemd target support #265
- systemd::escape function is does not escape a lot of other characters #242
v3.8.0 (2022-03-02)
Implemented enhancements:
- dropin_file: Implement service_parameters hash #259 (bastelfreak)
Fixed bugs:
- systemd::udev::rule: param rules now defaults to
[]
/ fix broken tests #260 (bastelfreak)
Merged pull requests:
- unit_file: deprecate hasrestart/hasstatus params #261 (bastelfreak)
v3.7.0 (2022-02-23)
Implemented enhancements:
- Install systemd-resolved on RedHat 7 #257 (traylenator)
- New parmater manage_resolv_conf for /etc/resolv.conf #256 (traylenator)
- Manage systemd-coredump config and setup #251 (traylenator)
Fixed bugs:
- systemd-resolved cannot be fully disabled because /etc/resolv.conf is managed #203
- Do not install systemd-resolved RedHat 8 #254 (traylenator)
- timer: timer unit must depend on service unit. #253 (olifre)
- Don't manage /etc/resolv.conf if systemd-resolved is stopped #252 (traylenator)
Closed issues:
- missing hiera lookup_options #196
Merged pull requests:
- Addition of Trivial Acceptance Tests #255 (traylenator)
- document systemd::unit_file example with puppet-strings #250 (bastelfreak)
v3.6.0 (2022-02-15)
Implemented enhancements:
- unit_file: Implement selinux_ignore_defaults #248 (bastelfreak)
- unit_file: Implement hasrestart/hasstatus #247 (bastelfreak)
- Install systemd-resolved on CentOS 8 and 9 #246 (traylenator)
- Manage entries in modules-load.d directory #244 (traylenator)
Fixed bugs:
v3.5.2 (2022-01-12)
Fixed bugs:
- timesyncd compatibility with Debian 8 #239 (tuxmea)
- Link the unit file to /dev/null when "enable => mask" #236 (simondeziel)
Closed issues:
- README refers to non-existent dns_stub_resolver parameter #195
- Parameter value 'mask' for 'enable' does not work #188
v3.5.1 (2021-10-20)
Fixed bugs:
- Declare a default for $accounting #229 (ekohl)
- Do a daemon reload for static units #199 (simondeziel)
Closed issues:
Merged pull requests:
- Correct use_stub_resolver example in README #230 (traylenator)
v3.5.0 (2021-09-13)
Implemented enhancements:
- Add Gentoo support #227 (bastelfreak)
- Add CentOS/RHEL 9 support #226 (mbaldessari)
- Use os.family for RedHat based Hiera data #225 (treydock)
- Add additional hash parameters for defined types #223 (bastelfreak)
- Add Debian 11 support #222 (bastelfreak)
- Add systemd::escape function #220 (traylenator)
Merged pull requests:
- Migrate static data from hiera to init.pp #221 (bastelfreak)
v3.4.0 (2021-09-03)
Implemented enhancements:
- CentOS 8: Enable more accounting options #218 (bastelfreak)
Merged pull requests:
- puppet-lint: fix top_scope_facts warnings #217 (bastelfreak)
- add puppet-lint-param-docs #216 (bastelfreak)
v3.3.0 (2021-08-25)
Implemented enhancements:
Merged pull requests:
v3.2.0 (2021-07-27)
Implemented enhancements:
- Add option to purge non-managed networkd files #209 (bastelfreak)
- Allow
systemd::unit_file
Deferred
content
#208 (alexjfisher) - systemd::network: Validate if content/source are set for file resource #205 (bastelfreak)
Merged pull requests:
- Add puppet-strings documentation for systemd::network #207 (bastelfreak)
- Fix
Optional
datatype for non-optional parameters #206 (bastelfreak)
v3.1.0 (2021-07-12)
Implemented enhancements:
Merged pull requests:
- Correct puppet-strings documentation #192 (ekohl)
- Add notify_service support to dropin_file #191 (ekohl)
3.0.0 (2021-04-16)
Breaking changes:
Implemented enhancements:
- add ubuntu2004 #187 (GervaisdeM)
- allow Puppet 7 and add to Travis testing; remove Puppet 5 from Travis testing #183 (kenyon)
- metadata: allow stdlib 7.0.0 and inifile 5.0.0 #182 (kenyon)
Closed issues:
- Static units cannot be enabled #180
- Cyclic dependency error when using systemd::unit_file in multiple classes #178
Merged pull requests:
- release 3.0.0 #189 (bastelfreak)
- Bump version to 3.0.0-rc0 #186 (ekohl)
- Correct path in use_stub_resolver documentation #177 (ekohl)
2.12.0 (2021-02-10)
Implemented enhancements:
- Allow service reloading #159 #175 (k0ka)
- Allow additional option for $cache parameter #169 (bryangwilliam)
- Add management of udev objects #165 (jcpunk)
2.11.0 (2021-01-19)
Implemented enhancements:
- Move lint control statements out of documentation #172 (ekohl)
- Permit using arrays to make extending lists easier #164 (jcpunk)
- Add parameter for ENCs to make loginctl_users easily #163 (jcpunk)
- Fix yamllint #161 (jcpunk)
- Resolve puppet-lint warnings #160 (jcpunk)
- Convert from mocha to rspec-mocks #158 (ekohl)
- Add ability to specify supported option 'infinity' for LimitNPROC #152 (hdeheer)
Closed issues:
Merged pull requests:
2.10.0 (2020-08-21)
Implemented enhancements:
- Fix typo in parameter name in class documentation #156 (ekohl)
- Add selinux_ignore_defaults support to dropin_file and service_limits #151 (tobias-urdin)
- pdk update #150 (TheMeier)
- add factory for dropin files #149 (TheMeier)
Closed issues:
- add timer support #118
- Cache cannot be set to no in /etc/systemd/resolved.conf #113
- Please release a new version with stdlib 6 support #105
- Regex error when tying to set CPUQuota service limit. #91
- Include puppetlabs-inifile in the dependencies list #77
- migration path drop in file from 0.4.0 to 1.0.0 #40
- 'systemctl daemon-reload' is not qualified #22
Merged pull requests:
2.9.0 (2020-03-11)
Breaking changes:
- Revert "add option for persistent logging (#127)" #146 (bastelfreak)
- add option for persistent logging #127 (djvl)
Implemented enhancements:
- Add EL8 Support #144 (trevor-vaughan)
- Add Fedora 30/31 compatibility #141 (bastelfreak)
- New systemd::timer define type #138 (mmoll)
- Add SLES 12/15 support #137 (msurato)
Closed issues:
- Discussion: use class instead of exec for notification #2
Merged pull requests:
- Release of 2.9.0 #145 (trevor-vaughan)
- fix Issue 113 #140 (schlitzered)
2.8.0 (2020-01-08)
Implemented enhancements:
- Rubocop #135 (raphink)
- Convert to PDK #132 (raphink)
- Add loginctl_user type/provider #131 (raphink)
- Update types to avoid / in unit or drop file name #130 (traylenator)
- Force tmpfiles.d drop file to end in .conf #129 (traylenator)
- Add OOMScoreAdjust to Systemd::ServiceLimits type #128 (jlutran)
- allow puppetlabs/inifile 4.x #126 (bastelfreak)
Merged pull requests:
2.7.0 (2019-10-29)
Implemented enhancements:
- add support for 'VirtuozzoLinux 7' #121 (kBite)
- Manage logind service and configuration #120 (fraenki)
- allow Sensitive type for content param #115 (TheMeier)
Closed issues:
- vacuum as routine task #123
- Manage dropin_file for target type systemd unit #117
- Allow Sensitive type for systemd::dropin_file::content #114
Merged pull requests:
2.6.0 (2019-06-17)
Implemented enhancements:
- Allow for lazy/eager systemctl daemon reloading #111 (JohnLyman)
- Remove stray
v
from Changelogconfig.future_release
#110 (alexjfisher)
2.5.1 (2019-05-29)
Implemented enhancements:
- Pin
public_suffix
to3.0.3
on rvm 2.1.9 builds #108 (alexjfisher) - run CI jobs on xenial instead of trusty #107 (bastelfreak)
2.5.0 (2019-05-29)
Implemented enhancements:
- Allow
puppetlabs/stdlib
6.x #103 (alexjfisher)
2.4.0 (2019-04-29)
Implemented enhancements:
- Allow
puppetlabs/inifile
3.x #101 (alexjfisher)
2.3.0 (2019-04-10)
Implemented enhancements:
Closed issues:
- Puppet version compatibility #34
2.2.0 (2019-02-25)
Implemented enhancements:
- Puppet 6 support #96 (ekohl)
- Allow specifying owner/group/mode/show_diff #94 (simondeziel)
- Manage journald service and configuration #89 (treydock)
- Add support for DNSoverTLS #88 (shibumi)
- unit.d directory should be purged of unmanaged dropin files #41 (treydock)
- Add Journald support #14 (duritong)
Closed issues:
- Hiera usage for systemd::unit_file #86
- Please push a new module to the forge that includes service_limits #25
2.1.0 (2018-08-31)
Implemented enhancements:
- do not access facts as top scope variable #85 (bastelfreak)
- allow puppetlabs/stdlib 5.x #83 (bastelfreak)
- Modify service limit type #81 (bastelfreak)
- Add parameter to select resolver #79 (amateo)
- Fix CHANGELOG.md duplicate footer #78 (alexjfisher)
Merged pull requests:
2.0.0 (2018-07-11)
Breaking changes:
- move params to data-in-modules #67 (bastelfreak)
Implemented enhancements:
- add ubuntu 18.04 support #72 (bastelfreak)
- bump facter to latest 2.x version #71 (bastelfreak)
- Add enable and active parameters to unit_file #69 (jcharaoui)
- Update the documentation of facts #68 (ekohl)
- purge legacy puppet-lint checks #66 (bastelfreak)
- Add support for Resource Accounting via systemd #65 (bastelfreak)
- Reuse the systemd::dropin_file in service_limits #61 (ekohl)
- Allow resolved class to configure DNS settings #59 (hfm)
- Replace iterator with stdlib function #58 (jfleury-at-ovh)
- implement github changelog generator #45 (bastelfreak)
Closed issues:
- Better test for systemd (and other init systems) #37
Merged pull requests:
- fix puppet-linter warnings in README.md #75 (bastelfreak)
- cleanup README.md #60 (bastelfreak)
1.1.1 (2017-11-29)
Implemented enhancements:
- Clean up test tooling #54 (ekohl)
- Correct parameter documentation #53 (ekohl)
- Use a space-separated in timesyncd.conf #50 (hfm)
- Use the same systemd drop-in file for different units #46 (countsudoku)
Closed issues:
Merged pull requests:
1.1.0 (2017-10-24)
Implemented enhancements:
- Add systemd-timesyncd support #43 (bastelfreak)
- Reuse the service_provider fact from stdlib #42 (ekohl)
- (doc) Adds examples of running the service created #29 (petems)
- Quote hash keys in example of service limits #20 (stbenjam)
Closed issues:
1.0.0 (2017-09-04)
Implemented enhancements:
- Add support for drop-in files #39 (countsudoku)
- Adds control group limits to ServiceLimits #36 (trevor-vaughan)
- General cleanup + add Puppet4 datatypes #32 (bastelfreak)
- add management for systemd-resolved #31 (bastelfreak)
- Add a network defined resource #30 (bastelfreak)
- Add seltype to systemd directory #27 (petems)
- Add MemoryLimit to limits template #23 (pkilambi)
- Update to support Puppet 4 #18 (trevor-vaughan)
- Manage resource limits of services #13 (ruriky)
- Refactor systemd facts #12 (petems)
Closed issues:
- PR#18 broke service limits capacity #35
- stdlib functions are used, but no stdlib requirement in metadata.json #28
- investigate update to camptocamp/systemd module #21
- Module should be updated to use the new Puppet 4 goodness #17
Merged pull requests:
0.4.0 (2016-08-18)
Implemented enhancements:
- Add target param for the unit file #10 (tampakrap)
- only use awk, instead of grep and awk #9 (igalic)
Closed issues:
0.3.0 (2016-05-16)
Implemented enhancements:
- Shortcut for creating unit files / tmpfiles #4 (felixb)
- Add systemd facts #6 (roidelapluie)
0.2.2 (2015-08-25)
Implemented enhancements:
- Add 'systemd-tmpfiles-create' #1 (roidelapluie)
0.2.1 (2015-08-21)
- Use docker for acceptance tests
0.1.15 (2015-06-26)
- Fix strict_variables activation with rspec-puppet 2.2
0.1.14 (2015-05-28)
- Add beaker_spec_helper to Gemfile
0.1.13 (2015-05-26)
- Use random application order in nodeset
0.1.12 (2015-05-26)
- Add utopic & vivid nodesets
0.1.11 (2015-05-25)
- Don't allow failure on Puppet 4
0.1.10 (2015-05-13)
- Add puppet-lint-file_source_rights-check gem
0.1.9 (2015-05-12)
- Don't pin beaker
0.1.8 (2015-04-27)
- Add nodeset ubuntu-12.04-x86_64-openstack
0.1.7 (2015-04-03)
- Confine rspec pinning to ruby 1.8
* This Changelog was automatically generated by github_changelog_generator
Dependencies
- puppetlabs/stdlib (>= 9.0.0 < 10.0.0)
- puppetlabs/inifile (>= 1.6.0 < 7.0.0)
Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.