chore!: separated galaxy deps and own collections; modified ansible script generation to use two paths for collections

REQUIRES REGENERATING ansible.cfg!
This commit is contained in:
NaeiKinDus 2025-02-23 00:00:00 +00:00
parent 4af69c31ce
commit 888590ed9f
Signed by: WoodSmellParticle
GPG key ID: 8E52ADFF7CA8AE56
188 changed files with 30 additions and 30 deletions

View file

@ -0,0 +1,39 @@
[Unit]
Description="HashiCorp Vault"
Requires=network-online.target
After=network-online.target
StartLimitIntervalSec=120
StartLimitBurst=4
ConditionCapability=CAP_IPC_LOCK
ConditionCapability=CAP_SYSLOG
ConditionFileNotEmpty={{ hc_vault_root_dir }}/config/main.hcl
ConditionPathIsDirectory={{ hc_vault_root_dir }}/tls
[Install]
WantedBy=multi-user.target
[Service]
AmbientCapabilities=CAP_IPC_LOCK
CapabilityBoundingSet=CAP_IPC_LOCK CAP_SYSLOG
EnvironmentFile={{ hc_vault_root_dir }}/config/vault.env
ExecStart={{ hc_vault_binary_path }} server -config={{ hc_vault_root_dir }}/config/main.hcl
Group={{ hc_vault_runas }}
KillMode=process
KillSignal=SIGINT
LimitCORE=0
LimitMEMLOCK=infinity
LimitNOFILE=65536
LockPersonality=yes
NoNewPrivileges=yes
OOMScoreAdjust=-500
PrivateDevices=yes
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=full
Restart=on-failure
RestartSec=5
SecureBits=keep-caps
TimeoutSec=30
Type=notify-reload
UMask=0077
User={{ hc_vault_runas }}