2023-04-21 16:00:50 +00:00
#!/usr/bin/python3
import pathlib
from typing import List , Union
2024-02-11 13:35:00 +00:00
try :
2024-02-11 13:39:52 +00:00
from ansible_module . module_utils . generic import SYSTEMD_SERVICE_CONFIG , Types
from ansible_module . module_utils . module import SystemdReloadMixin , SystemdUnitModule , installable
2024-02-11 13:35:00 +00:00
except ImportError :
2024-02-11 19:59:50 +00:00
from ansible_collections . sebastian . base . plugins . module_utils . generic import SYSTEMD_SERVICE_CONFIG , Types
from ansible_collections . sebastian . base . plugins . module_utils . module import SystemdReloadMixin , SystemdUnitModule , installable
2023-04-21 16:00:50 +00:00
@installable
2024-03-08 23:13:24 +00:00
class Module ( SystemdUnitModule , SystemdReloadMixin ) : # type: ignore[misc]
2023-04-21 16:00:50 +00:00
""" Creates System Services units """
name = " system_service "
module_spec = dict (
argument_spec = dict (
2023-04-23 08:32:42 +00:00
name = Types . str ( required = True , help = " Name of the service " ) ,
serviceuser = Types . str ( help = " Username of under which the commands run at. " , default = " root " ) ,
servicegroup = Types . str ( help = " Group of under which the commands run at. " , default = " root " ) ,
2023-04-21 16:00:50 +00:00
type = Types . str (
choices = ( " simple " , " exec " , " forking " , " oneshot " , " dbus " , " notify " , " notify-reload " , " idle " ) ,
default = " simple " ,
help = " Type of the systemd service. \n "
" simple and exec start long running services that run in the same process over the whole time, exec is waiting until the process was started completly. \n "
" forking does some things in the foreground, starts an background process and then exits to leave the work to the background process. \n "
" oneshot processes are started by systemd, do their work and then exit, similar to cronjobs. \n "
" dbus services will be considered started up once they aquire the specified dbus bus "
" notify and notify-reload notify systemd about the start up via sd_notify. notify-reload needs also inform systemd on reloads and when it is ready again after an reload. \n "
" idle is similar to simple, but it can delay the start up by a few seconds. " ,
) ,
2024-03-04 22:07:40 +00:00
pre = Types . list ( elements = str , help = " command or list of commands that are started before the main command " ) ,
2023-04-21 16:00:50 +00:00
start = Types . list (
2024-03-04 22:07:40 +00:00
elements = str ,
required = True ,
2023-04-21 16:00:50 +00:00
help = " command or list of commands that are started as main programm. Multiple commands are only allowed in a oneshot command " ,
) ,
2024-03-11 19:41:02 +00:00
stop = Types . str ( help = " command that is started to stop the main program. " ) ,
remain = Types . bool ( help = " should the service remain as started after the command exited " ) ,
2023-04-21 16:00:50 +00:00
post = Types . list ( str , help = " Command or list of commands that are started after the main command(s) stopped without problems. " ) ,
2023-04-23 08:32:42 +00:00
environmentfile = Types . list (
2024-03-04 22:07:40 +00:00
elements = str ,
help = " List of file that are containing environment variables. They are evaluated before each pre/start/post command " ,
2023-04-23 08:32:42 +00:00
) ,
environment = Types . list (
2024-03-04 22:07:40 +00:00
elements = Types . dict (
2023-04-23 08:32:42 +00:00
name = Types . str ( help = " name of the Environment variable " , required = True ) ,
value = Types . str ( help = " value of the Environment variable " , required = True ) ,
) ,
help = " List of environment variables that are set to each command before they run " ,
) ,
2023-11-23 18:08:51 +00:00
workingdirectory = Types . str (
help = " The Directory that is used for the processes as current working directory " ,
) ,
rwpath = Types . list (
elements = Types . path ( ) ,
help = " Path(s) that are readable and writable (if permission allow) " ,
) ,
ropath = Types . list (
elements = Types . path ( ) ,
help = " Path(s) that are read only " ,
) ,
notreadablepath = Types . list (
elements = Types . path ( ) ,
help = " Path(s) that are not accessible by the applications " ,
) ,
execpath = Types . list (
elements = Types . path ( ) ,
help = " Path(s) where executable files are " ,
) ,
noexecpath = Types . list (
elements = Types . path ( ) ,
help = " Path(s) which are never executable (uploaded files, user accessible paths) " ,
) ,
protecthome = Types . str (
help = " if true makes user specific directories (/home, /root, /run/user) inaccessible. read-only makes them read only and tmpfs is useful to create binds in it " ,
choices = ( " true " , " false " , " read-only " , " tmpfs " ) ,
) ,
protectsystem = Types . str (
help = " makes the system read only. if true /usr, /boot and /efi are read only, if full additionally /etc and if strict all except /proc, /sys and /dev " ,
choices = ( " true " , " false " , " full " , " strict " ) ,
) ,
nonewprivileges = Types . bool (
help = " disables the ability to get new capabilities for processes than already granted ones " ,
) ,
statedirectory = Types . str (
help = " creates an unit specific state directory in /var/lib and sets the env var STATE_DIRECTORY with the path to it. Its cleaned up after the unit is stopped "
) ,
2024-03-11 19:41:02 +00:00
runtimedirectory = Types . str (
help = " creates an unit specific runtime directory in /run and sets the env var RUNTIME_DIRECTORY with the path to it. Its cleaned up after the unit is stopped "
) ,
restart = Types . str ( ) ,
restartsec = Types . str ( ) ,
2023-04-21 16:00:50 +00:00
) ,
)
def prepare ( self ) :
2023-04-23 08:32:42 +00:00
self . unitfile = ( SYSTEMD_SERVICE_CONFIG / self . get ( " name " ) ) . with_suffix ( " .service " )
2023-04-21 18:56:16 +00:00
self . __unit = None
2023-04-21 16:00:50 +00:00
if self . get ( " type " , " simple " ) != " oneshot " and len ( self . get ( " start " ) ) > 1 :
self . module . fail_json ( " only oneshot services are allowed to have multiple start commands " , * * self . result )
2024-03-08 23:13:24 +00:00
def service ( self ) - > str :
2023-11-23 18:08:51 +00:00
params = [ ]
if self . get ( " environment " , False ) :
for env in self . get ( " environment " ) :
params . append ( f " Environment= { env [ ' name ' ] } = { env [ ' value ' ] } \n " )
params . extend (
2023-04-23 08:32:42 +00:00
self . map_param (
type = " Type " ,
pre = " ExecStartPre " ,
start = " ExecStart " ,
2024-03-11 19:41:02 +00:00
stop = " ExecStop " ,
2023-04-23 08:32:42 +00:00
post = " ExecStartPost " ,
serviceuser = " User " ,
servicegroup = " Group " ,
workingdirectory = " WorkingDirectory " ,
2023-11-23 18:08:51 +00:00
environmentfile = " EnvironmentFile " ,
protecthome = " ProtectHome " ,
protectsystem = " ProtectSystem " ,
rwpath = " ReadWritePaths " ,
ropath = " ReadOnlyPaths " ,
notreadablepath = " InaccessiblePaths " ,
execpath = " ExecPaths " ,
noexecpath = " NoExecPaths " ,
statedirectory = " StateDirectory " ,
2024-03-11 19:41:02 +00:00
runtimedirectory = " RuntimeDirectory " ,
2023-12-09 12:04:21 +00:00
nonewprivileges = " NoNewPriviledges " ,
2024-03-11 19:41:02 +00:00
remain = " RemainAfterExit " ,
restart = " Restart " ,
restartsec = " RestartSec " ,
2023-04-23 08:32:42 +00:00
)
)
2024-03-08 23:13:24 +00:00
return " [Service] \n " + " " . join ( params )
2023-04-21 16:00:50 +00:00
def unit ( self ) - > str :
if self . __unit is None :
2024-03-08 23:13:24 +00:00
self . __unit = self . _unit (
self . header ( ) ,
self . service ( ) ,
self . install ( ) , # type: ignore[call-arg,misc]
2023-04-21 16:00:50 +00:00
)
return self . __unit
DOCUMENTATION = """ ---
description :
- Creates System Services units
module : system_service
options :
after :
default : [ ]
description :
- list of units that this unit wants to be started after this unit
elements : str
required : false
type : list
before :
default : [ ]
description :
- list of units that this unit needs to be started before this unit .
elements : str
required : false
type : list
description :
description :
- An description for programs that access systemd
required : false
type : str
documentation :
default : [ ]
description :
- Paths where documentation can be found
elements : str
required : false
type : list
2023-04-23 08:32:42 +00:00
environment :
default : [ ]
description :
- List of environment variables that are set to each command before they run
elements : dict
options :
name :
description :
- name of the Environment variable
required : true
type : str
value :
description :
- value of the Environment variable
required : true
type : str
2023-04-21 16:00:50 +00:00
required : false
2023-04-23 08:32:42 +00:00
type : list
environmentfile :
default : [ ]
description :
- List of file that are containing environment variables . They are evaluated before
each pre / start / post command
elements : str
required : false
type : list
2023-11-23 18:08:51 +00:00
execpath :
default : [ ]
description :
- Path ( s ) where executable files are
elements : path
required : false
type : list
2023-04-21 16:00:50 +00:00
name :
2023-04-23 08:32:42 +00:00
description :
- Name of the service
2023-04-21 16:00:50 +00:00
required : true
type : str
2023-11-23 18:08:51 +00:00
noexecpath :
default : [ ]
description :
- Path ( s ) which are never executable ( uploaded files , user accessible paths )
elements : path
required : false
type : list
nonewprivileges :
description :
- disables the ability to get new capabilities for processes than already granted
ones
required : false
type : bool
notreadablepath :
default : [ ]
description :
- Path ( s ) that are not accessible by the applications
elements : path
required : false
type : list
2023-04-21 16:00:50 +00:00
partof :
default : [ ]
description :
- list of units that this unit is part of .
- If the restart this unit does it too , but if this restarts it does not affect
the other units .
elements : str
required : false
type : list
post :
default : [ ]
description :
- Command or list of commands that are started after the main command ( s ) stopped
without problems .
elements : str
required : false
type : list
pre :
default : [ ]
description :
2024-03-08 23:13:24 +00:00
- command or list of commands that are started before the main command
2023-04-21 16:00:50 +00:00
elements : str
required : false
type : list
2023-11-23 18:08:51 +00:00
protecthome :
choices :
- ' true '
- ' false '
- read - only
- tmpfs
description :
- if true makes user specific directories ( / home , / root , / run / user ) inaccessible .
read - only makes them read only and tmpfs is useful to create binds in it
required : false
type : str
protectsystem :
choices :
- ' true '
- ' false '
- full
- strict
description :
- makes the system read only . if true / usr , / boot and / efi are read only , if full
additionally / etc and if strict all except / proc , / sys and / dev
required : false
type : str
2024-03-11 19:41:02 +00:00
remain :
description :
- should the service remain as started after the command exited
required : false
type : bool
2023-04-21 16:00:50 +00:00
required_by :
default : [ ]
description :
- systemd units that require this mount
elements : str
required : false
type : list
requires :
default : [ ]
description :
- list of units that this unit requires . If it fails or can ' t be started this
unit fails . without before / after this is started at the same time
elements : str
required : false
type : list
2024-03-11 19:41:02 +00:00
restart :
required : false
type : str
restartsec :
required : false
type : str
2023-11-23 18:08:51 +00:00
ropath :
default : [ ]
description :
- Path ( s ) that are read only
elements : path
required : false
type : list
2024-03-11 19:41:02 +00:00
runtimedirectory :
description :
- creates an unit specific runtime directory in / run and sets the env var RUNTIME_DIRECTORY
with the path to it . Its cleaned up after the unit is stopped
required : false
type : str
2023-11-23 18:08:51 +00:00
rwpath :
default : [ ]
description :
- Path ( s ) that are readable and writable ( if permission allow )
elements : path
required : false
type : list
2023-04-23 08:32:42 +00:00
servicegroup :
default : root
description :
- Group of under which the commands run at .
required : false
type : str
serviceuser :
default : root
description :
- Username of under which the commands run at .
required : false
type : str
2023-04-21 16:00:50 +00:00
start :
description :
- command or list of commands that are started as main programm . Multiple commands
are only allowed in a oneshot command
elements : str
required : true
type : list
2023-11-23 18:08:51 +00:00
statedirectory :
description :
- creates an unit specific state directory in / var / lib and sets the env var STATE_DIRECTORY
with the path to it . Its cleaned up after the unit is stopped
required : false
type : str
2024-03-11 19:41:02 +00:00
stop :
description :
- command that is started to stop the main program .
required : false
type : str
2023-04-21 16:00:50 +00:00
type :
choices :
- simple
- exec
- forking
- oneshot
- dbus
- notify
- notify - reload
- idle
default : simple
description :
- Type of the systemd service .
- simple and exec start long running services that run in the same process over
the whole time , exec is waiting until the process was started completly .
- forking does some things in the foreground , starts an background process and
then exits to leave the work to the background process .
- oneshot processes are started by systemd , do their work and then exit , similar
to cronjobs .
- dbus services will be considered started up once they aquire the specified dbus
busnotify and notify - reload notify systemd about the start up via sd_notify .
notify - reload needs also inform systemd on reloads and when it is ready again
after an reload .
- idle is similar to simple , but it can delay the start up by a few seconds .
required : false
type : str
wanted_by :
default : [ ]
description :
- systemd units that want the mount , but not explicitly require it . Commonly used
for target if not service explicitly require it .
elements : str
required : false
type : list
wants :
default : [ ]
description :
- list of units that this unit wants . If it fails or can ' t be started it does
not affect this unit
elements : str
required : false
type : list
2023-04-23 08:32:42 +00:00
workingdirectory :
description :
- The Directory that is used for the processes as current working directory
required : false
type : str
2023-04-21 16:00:50 +00:00
short_description : Creates System Services units
"""
if __name__ == " __main__ " :
Module ( ) ( )