search

kokoichi206 / til

0 stars 1 forks source link

証明書更新を systemd timer に変えてみる #9

Open kokoichi206 opened 1 year ago

kokoichi206 commented 1 year ago

cron to systemd timer

kokoichi206 commented 1 year ago 
$ cd /etc/systemd/system/

$ cat sakamichi-api-core.service 
[Unit]
Description=坂道グループの API の core 側       # おおまかな説明を書く。

[Service]
ExecStart=/home/ubuntu/deploy/sakamichi-api-core
WorkingDirectory=/home/ubuntu/deploy
Restart=always                                      # デーモン化のため何かエラーが起きても再起動するように設定。

[Install]
kokoichi206 commented 1 year ago

systemd.timer

.service.timer の2ファイルからなる

service

[Unit]
Description=Login mydns scripts

[Service]
User=ubuntu
Group=ubuntu
Type=oneshot
WorkingDirectory=/home/ubuntu/work/worker
ExecStart=/home/ubuntu/work/worker/login-mydns.sh

注意点

timer

[Unit]
Description=Update mydns timer

[Timer]
OnUnitActiveSec=5min
Persistent=true

[Install]
WantedBy=timers.target
sudo systemctl enable update-mydns.timer

疑問

multi-user.target vs timers.target ?

kokoichi206 commented 1 year ago 

sudo systemctl daemon-reload

sudo systemctl start update-mydns.service

systemctl list-timers

Links

kokoichi206 commented 10 months ago

動いてなさそう

kokoichi206 commented 10 months ago

service 側を enable にするの忘れてた。

$ sudo systemctl enable cert-update.service
The unit files have no installation config (WantedBy=, RequiredBy=, Also=,
Alias= settings in the [Install] section, and DefaultInstance= for template
units). This means they are not meant to be enabled using systemctl.

Possible reasons for having this kind of units are:
• A unit may be statically enabled by being symlinked from another unit's
  .wants/ or .requires/ directory.
• A unit's purpose may be to act as a helper for some other unit which has
  a requirement dependency on it.
• A unit may be started when needed via activation (socket, path, timer,
  D-Bus, udev, scripted systemctl call, ...).
• In case of template units, the unit is meant to be enabled with some
  instance name specified.

Install を追加した。

$ cat cert-update.service
[Unit]
Description=Login mydns scripts

[Service]
User=ubuntu
Group=ubuntu
Type=oneshot
WorkingDirectory=/home/ubuntu/work/worker
ExecStart=/home/ubuntu/work/worker/cert-renew.sh

[Install]
WantedBy=multi-user.target
kokoichi206 commented 10 months ago 
$ journalctl -u update-mydns.timer
-- Logs begin at Wed 2023-12-20 21:06:15 UTC, end at Sun 2024-01-14 14:53:48 UTC. --
-- No entries --

$ journalctl -u update-mydns.service
-- Logs begin at Wed 2023-12-20 21:06:15 UTC, end at Sun 2024-01-14 14:53:55 UTC. --
-- No entries --

$ sudo systemctl daemon-reload

$ sudo systemctl restart update-mydns.timer

$ systemctl status update-mydns.timer
● update-mydns.timer - Update mydns timer
     Loaded: loaded (/etc/systemd/system/update-mydns.timer; enabled; vendor preset: enabled)
     Active: active (elapsed) since Sun 2024-01-14 14:54:20 UTC; 13s ago
    Trigger: n/a
   Triggers: ● update-mydns.service

Jan 14 14:54:20 ubuntu systemd[1]: Started Update mydns timer.
ubuntu@ubuntu:/etc/systemd/system$ systemctl status update-mydns.timer