+++ /dev/null
-Running Knot Resolver under systemd (or equivalent) socket activation
-=====================================================================
-
-You can use the files in this directory to run kresd under supervision
-by systemd (or any supervisor that provides equivalent file descriptor
-initialization via the interface supported by
-sd_listen_fds_with_names(3)).
-
-Usage and Configuration
------------------------
-
-See kresd.systemd(7) for details.
-
-Compatibility with older systemd
---------------------------------
-
-If you're using systemd prior to version 227, use the systemd-compat.conf
-drop-in file to use manual activation. In this case, socket files shouldn't
-be packaged, because they won't be used.
-
-Notes
------
-
-* If you're using the upstream systemd unit files, don't forget to also include
- kresd.systemd.7 manual page in the package.
-* Distributions using systemd-sysv-generator should mask kresd.service to
- be consistent with other distributions. Any use of kresd.service instead of
- kresd@N.service is discouraged to avoid confusing the users.
-* kresd.target should be enabled by default by linking it to systemd lib/
- directory. Instances of kresd@.service are then added manually to
- kresd.target when the user enables them.
+++ /dev/null
-# /etc/systemd/system/kresd-tls.socket.d/override.conf
-
-# Configure which interfaces should kresd listen on.
-# ListenStream can be added multiple times.
-
-[Socket]
-ListenStream=192.0.2.115:853
+++ /dev/null
-# /etc/systemd/system/kresd.socket.d/override.conf
-
-# Configure which interfaces should kresd listen on.
-# ListenDatagram and ListenStream can be added multiple times.
-
-[Socket]
-ListenDatagram=192.0.2.115:53
-ListenStream=192.0.2.115:53
+++ /dev/null
-# /usr/lib/systemd/system/kresd@.service.d/override.conf
-
-# If systemd.227+ isn't available (e.g. CentOS 7), socket activation can't be used
-# and the following modifications are required to use the service with
-# manual activation.
-
-# CAP_NET_BIND_SERVICE is necessary to be able to bind to a well-known port
-# as an unprivilidged user.
-
-# Explicit --forks=1 turns off interactive mode.
-
-[Service]
-Type=simple
-AmbientCapabilities=CAP_NET_BIND_SERVICE
-ExecStart=
-ExecStart=/usr/sbin/kresd --config=/etc/knot-resolver/kresd.conf --forks=1
-Sockets=
+++ /dev/null
-# tmpfiles.d(5) runtime directory for knot-resolver (kresd)
-#Type Path Mode UID GID Age Argument
- d /run/knot-resolver 0750 root root - -
- d /var/cache/knot-resolver 0750 knot-resolver knot-resolver - -
doc_dir = join_paths(prefix, get_option('datadir'), 'doc', 'knot-resolver')
etc_dir = join_paths(prefix, get_option('sysconfdir'), 'knot-resolver')
sbin_dir = join_paths(prefix, get_option('sbindir'))
+systemd_cache_dir = ''
+run_dir = ''
+systemd_unit_dir = ''
+systemd_tmpfiles_dir = ''
modules_dir = get_option('modules_dir')
if modules_dir == ''
subdir('doc')
subdir('etc')
+# systemd integration
+if systemd
+ subdir('systemd')
+endif
+
# summary message
# NOTE: ternary operator in format() not supported
systemd: @0@'''.format(summary_systemd) + '''
socket activation: @0@'''.format(summary_systemd_socket) + '''
user mode: @0@'''.format(summary_systemd_user_mode) + '''
+ cache_dir: @0@'''.format(systemd_cache_dir) + '''
+ run_dir: @0@'''.format(run_dir) + '''
components
client: @0@'''.format(summary_build_client) + '''
[Socket]
Service=kresd@%i.service
-ListenStream=/run/knot-resolver/control@%i
+ListenStream=@run_dir@/control@%i
FileDescriptorName=control
SocketMode=0660
Slice=system-kresd.slice
[Service]
Type=notify
-WorkingDirectory=/var/cache/knot-resolver
-ExecStart=/usr/sbin/kresd --config=/etc/knot-resolver/kresd.conf
-User=knot-resolver
+WorkingDirectory=@systemd_cache_dir@
+ExecStart=@sbin_dir@/kresd --config=@etc_dir@/kresd.conf
+User=@user@
Restart=on-failure
Sockets=kresd.socket
Sockets=kresd-tls.socket
--- /dev/null
+# systemd
+
+## paths
+# TODO user mode
+systemd_cache_dir = join_paths(
+ prefix, get_option('localstatedir'), 'cache', 'knot-resolver')
+run_dir = join_paths('/run', 'knot-resolver')
+systemd_unit_dir = join_paths(prefix, get_option('libdir'), 'systemd', 'system')
+systemd_tmpfiles_dir = join_paths(prefix, get_option('libdir'), 'tmpfiles.d')
+
+## configuration
+systemd_config = configuration_data()
+systemd_config.set('user', user)
+systemd_config.set('group', group)
+systemd_config.set('systemd_cache_dir', systemd_cache_dir)
+systemd_config.set('sbin_dir', sbin_dir)
+systemd_config.set('etc_dir', etc_dir)
+systemd_config.set('run_dir', run_dir)
+
+# TODO Restart=on-abnormal
+
+if systemd_socket
+ # unit files
+ kresd_service = configure_file(
+ input: 'kresd@.service.in',
+ output: 'kresd@.service',
+ configuration: systemd_config,
+ install_dir: systemd_unit_dir,
+ )
+ kresd_control_socket = configure_file(
+ input: 'kresd-control@.socket.in',
+ output: 'kresd-control@.socket',
+ configuration: systemd_config,
+ install_dir: systemd_unit_dir,
+ )
+
+ install_data(
+ sources: [
+ 'kresd.socket',
+ 'kresd-tls.socket',
+ 'kresd.target',
+ ],
+ install_dir: systemd_unit_dir,
+ )
+
+ install_man('kresd.systemd.7') # TODO amend man page + configure
+
+ # tmpfiles
+ tmpfiles = configure_file(
+ input: 'tmpfiles.d/knot-resolver.conf.in',
+ output: 'knot-resolver.conf',
+ configuration: systemd_config,
+ install_dir: systemd_tmpfiles_dir,
+ )
+
+ # TODO example drop-ins
+else
+ subdir('nosocket')
+endif
--- /dev/null
+# tmpfiles.d(5) directories for knot-resolver (kresd)
+#Type Path Mode UID GID Age Argument
+ d @run_dir@ 0750 root root - -
+ d @systemd_cache_dir@ 0750 @user@ @group@ - -
projects / thirdparty / knot-resolver.git / commitdiff
