From 41b53c009ec6d81fca99242c76465fdfbeec3efd Mon Sep 17 00:00:00 2001 From: Jannik Date: Mon, 9 Nov 2020 21:34:21 +0100 Subject: [PATCH] Since `systemd-docker` is deprecated/not maintained anymore, this setup does not work on new versions of systemd+ubuntu. I found a solution --- Running-with-systemd-docker.md | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/Running-with-systemd-docker.md b/Running-with-systemd-docker.md index d86fc34..a2b0898 100644 --- a/Running-with-systemd-docker.md +++ b/Running-with-systemd-docker.md @@ -10,18 +10,20 @@ As root, create `/etc/systemd/system/bitwarden.service` using your preferred edi ```ini [Unit] Description=Bitwarden -After=docker.service +After=docker.service network.target Requires=docker.service [Service] TimeoutStartSec=0 ExecStartPre=/usr/bin/docker pull bitwardenrs/server:latest -ExecStart=/usr/bin/systemd-docker --cgroups name=systemd --env run \ +ExecStart=/usr/bin/docker run -d \ -p 8080:80 \ -p 8081:3012 \ + --env-file /opt/.bitwarden.env \ -v /opt/bw-data:/data/ \ - --rm --name %n bitwardenrs/server:latest -Restart=always + --restart=unless-stopped --name bitwarden bitwardenrs/server:latest +ExecStopPost=/usr/bin/docker rm bitwarden +Restart=Always RestartSec=10s Type=notify NotifyAccess=all @@ -32,12 +34,14 @@ WantedBy=multi-user.target Adjust the above example as necessary. In particular, pay attention to the `-p` and `-v` options, as these control the port and volume bindings between the container and the host. +Also make sure to provide a `--env-file` with your configurations, or type out all your configurations via `-e KEY=VALUE` directly. Explanation of options which may not be self-explanatory: - A `TimeoutStartSec` value of 0 stops systemd from considering the service failed after waiting for the default startup time. This is required as it may take a while for the `docker pull` in `ExecStartPre` to finish. - `ExecStartPre`: Pull the docker tag before running. +- `ExecStopPost`: Delete the container (to make sure we can start again next time). The reason we do that is because systemd is monitoring the docker service instead of the individual container. As such we tell the docker service to restart the container `unless-stopped. That is basically like `--restart=Always`, but excluding when the docker service stopped (or the container was halted). This allows us to only restart the service `Restart=Always` with systemd when the docker service stopped. - A `Type` value of `notify` tells systemd to expect a notification from the service that it is ready. - A `NotifyAccess` value of `all` is required by `systemd-docker`.