public-inbox.git  about / heads / tags
an "archives first" approach to mailing lists

blob 51f58fbb21aa87366beca7158630389dbe2818db 2968 bytes (raw)
$ git show HEAD:examples/public-inbox-netd@.service	# shows this blob on the CLI
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66

 
# ==> /etc/systemd/system/public-inbox-netd@.service <==
# Since SIGUSR2 upgrades do not work under systemd, this service file
# allows starting two simultaneous services during upgrade time
# (e.g. public-inbox-netd@1 public-inbox-netd@2) with the intention
# that they take turns running in-between upgrades.  This should
# allow upgrading without downtime.
# For servers expecting visitors from multiple timezones, TZ=UTC
# is needed to ensure a consistent approxidate experience with search.
[Unit]
Description = public-inbox-netd server %i
Wants = public-inbox-netd.socket
After = public-inbox-netd.socket

[Service]

# Setting MALLOC_MMAP_THRESHOLD_=131072 reduces fragmentation by
# disabling the sliding mmap window in glibc malloc.  An LD_PRELOAD for
# libjemalloc may be added here, instead.  jemalloc is more resistant to
# fragmentation in long-lived daemons than unconfigured glibc malloc.
Environment = PI_CONFIG=/home/pi/.public-inbox/config \
PATH=/usr/local/bin:/usr/bin:/bin \
TZ=UTC \
MALLOC_MMAP_THRESHOLD_=131072 \
PERL_INLINE_DIRECTORY=/tmp/.netd-inline

LimitNOFILE = 30000
LimitCORE = infinity
ExecStartPre = /bin/mkdir -p -m 1777 /tmp/.netd-inline

# The '-l' args below map each socket in public-inbox-netd.socket to
# the appropriate IANA service name:
ExecStart = /usr/local/bin/public-inbox-netd -W0 \
-1 /var/log/netd/stdout.out.log \
--cert /etc/ssl/certs/news.example.com.pem \
--key /etc/ssl/private/news.example.com.key
-l imap:///run/imap.sock?out=/var/log/netd/imap.out,err=/var/log/netd/imap.err \
-l nntp:///run/nntp.sock?out=/var/log/netd/nntp.out,err=/var/log/netd/nntp.err \
-l pop3:///run/pop3.sock?out=/var/log/netd/pop3.out,err=/var/log/netd/pop3.err \
-l imap://0.0.0.0/?out=/var/log/netd/imap.out,err=/var/log/netd/imap.err \
-l nntp://0.0.0.0/?out=/var/log/netd/nntp.out,err=/var/log/netd/nntp.err \
-l pop3://0.0.0.0/?out=/var/log/netd/pop3.out,err=/var/log/netd/pop3.err \
-l imap://[::]/?out=/var/log/netd/imap.out,err=/var/log/netd/imap.err \
-l nntp://[::]/?out=/var/log/netd/nntp.out,err=/var/log/netd/nntp.err \
-l pop3://[::]/?out=/var/log/netd/pop3.out,err=/var/log/netd/pop3.err \
-l imaps://0.0.0.0/?out=/var/log/netd/imap.out,err=/var/log/netd/imap.err \
-l nntps://0.0.0.0/?out=/var/log/netd/nntp.out,err=/var/log/netd/nntp.err \
-l pop3s://0.0.0.0/?out=/var/log/netd/pop3.out,err=/var/log/netd/pop3.err \
-l imaps://[::]/?out=/var/log/netd/imap.out,err=/var/log/netd/imap.err \
-l nntps://[::]/?out=/var/log/netd/nntp.out,err=/var/log/netd/nntp.err \
-l pop3s://[::]/?out=/var/log/netd/pop3.out,err=/var/log/netd/pop3.err \
-l http://127.0.0.1:280/?psgi=/etc/public.psgi,err=/var/log/netd/http.err

# NonBlocking is REQUIRED to avoid a race condition if running
# simultaneous services
NonBlocking = true

Sockets = public-inbox-netd.socket
KillSignal = SIGQUIT
User = news
Group = ssl-cert
ExecReload = /bin/kill -HUP $MAINPID
TimeoutStopSec = 30
KillMode = process

[Install]
WantedBy = multi-user.target

git clone https://public-inbox.org/public-inbox.git
git clone http://7fh6tueqddpjyxjmgtdiueylzoqt6pt7hec3pukyptlmohoowvhde4yd.onion/public-inbox.git