Skip to content

Latest commit

 

History

History
3633 lines (2385 loc) · 123 KB

REFERENCE.md

File metadata and controls

3633 lines (2385 loc) · 123 KB

Reference

Table of Contents

Classes

Public Classes

  • systemd: This module allows triggering systemd commands once for all modules
  • systemd::tmpfiles: Update the systemd temp files

Private Classes

  • systemd::coredump: This class manages the systemd-coredump configuration.
  • systemd::install: Install any systemd sub packages
  • systemd::journal_remote: This class manages and configures journal-remote.
  • systemd::journal_upload: This class manages and configures journal-upload.
  • systemd::journald: This class manages and configures journald.
  • systemd::logind: This class manages systemd's login manager configuration.
  • systemd::machine_info: This class manages systemd's machine-info file (hostnamectl)
  • systemd::modules_loads: Activate the modules contained in modules-loads.d
  • systemd::networkd: This class provides an abstract way to trigger systemd-networkd
  • systemd::oomd: This class manages and configures oomd.
  • systemd::resolved: This class provides an abstract way to trigger resolved.
  • systemd::service_manager: This class provides a solution to manage system and/or user service manager settings
  • systemd::timedatectl: This class provides an abstract way to set elements with timedatectl
  • systemd::timesyncd: This class provides an abstract way to trigger systemd-timesyncd
  • systemd::udevd: This class manages systemd's udev config

Defined types

Resource types

  • loginctl_user: An arbitrary name used as the identity of the resource.

Functions

Data types

Tasks

Classes

systemd

This module allows triggering systemd commands once for all modules

Parameters

The following parameters are available in the systemd class:

default_target

Data type: Optional[Pattern['^.+\.target$']]

The default systemd boot target, unmanaged if set to undef.

Default value: undef

service_limits

Data type: Stdlib::CreateResources

Deprecated, use dropin_files - Hash of systemd::service_limits resources

Default value: {}

networks

Data type: Stdlib::CreateResources

Hash of systemd::network resources

Default value: {}

timers

Data type: Stdlib::CreateResources

Hash of systemd::timer resources

Default value: {}

tmpfiles

Data type: Stdlib::CreateResources

Hash of systemd::tmpfile resources

Default value: {}

unit_files

Data type: Stdlib::CreateResources

Hash of systemd::unit_file resources

Default value: {}

manage_resolved

Data type: Boolean

Manage the systemd resolver

Default value: false

resolved_ensure

Data type: Enum['stopped','running']

The state that the resolved service should be in. When migrating from 'running' to 'stopped' an attempt will be made to restore a working /etc/resolv.conf using /run/systemd/resolve/resolv.conf.

Default value: 'running'

resolved_package

Data type: Optional[Enum['systemd-resolved']]

The name of a systemd sub package needed for systemd-resolved if one needs to be installed.

Default value: undef

manage_nspawn

Data type: Boolean

Manage the systemd-nspawn@service and machinectl subsystem.

Default value: false

nspawn_package

Data type: Optional[Enum['systemd-container']]

The name of a systemd sub package needed for the nspawn tools machinectl and systemd-nspawn if one needs to be installed.

Default value: undef

dns

Data type: Optional[Variant[Array[String],String]]

A space-separated list of IPv4 and IPv6 addresses to use as system DNS servers. DNS requests are sent to one of the listed DNS servers in parallel to suitable per-link DNS servers acquired from systemd-networkd.service(8) or set at runtime by external applications. requires puppetlabs-inifile

Default value: undef

fallback_dns

Data type: Optional[Variant[Array[String],String]]

A space-separated list of IPv4 and IPv6 addresses to use as the fallback DNS servers. Any per-link DNS servers obtained from systemd-networkd take precedence over this setting. requires puppetlabs-inifile

Default value: undef

domains

Data type: Optional[Variant[Array[String],String]]

A space-separated list of domains host names or IP addresses to be used systemd-resolved take precedence over this setting.

Default value: undef

llmnr

Data type: Optional[Variant[Boolean,Enum['resolve']]]

Takes a boolean argument or "resolve".

Default value: undef

multicast_dns

Data type: Optional[Variant[Boolean,Enum['resolve']]]

Takes a boolean argument or "resolve".

Default value: undef

dnssec

Data type: Optional[Variant[Boolean,Enum['allow-downgrade']]]

Takes a boolean argument or "allow-downgrade".

Default value: undef

dnsovertls

Data type: Variant[Boolean,Enum['yes', 'opportunistic', 'no']]

Takes a boolean argument or one of "yes", "opportunistic" or "no". "true" corresponds to "opportunistic" and "false" (default) to "no".

Default value: false

cache

Data type: Optional[Variant[Boolean,Enum['no-negative']]]

Takes a boolean argument or "no-negative". If left undef the cache setting will not be modified.

Default value: undef

dns_stub_listener

Data type: Optional[Variant[Boolean,Enum['udp','tcp','absent']]]

Takes a boolean argument or one of "udp" and "tcp". Setting it to 'absent' will remove DNSStubListener existing entries from the configuration file

Default value: undef

dns_stub_listener_extra

Data type: Optional[Variant[Array[String[1]],Enum['absent']]]

Additional addresses for the DNS stub listener to listen on Setting it to 'absent' will remove DNSStubListenerExtra existing entries from the configuration file

Default value: undef

manage_resolv_conf

Data type: Boolean

For when manage_resolved is true should the file /etc/resolv.conf be managed.

Default value: true

use_stub_resolver

Data type: Boolean

Takes a boolean argument. When "false" (default) it uses /run/systemd/resolve/resolv.conf as /etc/resolv.conf. When "true", it uses /run/systemd/resolve/stub-resolv.conf When resolved_ensure is stopped this parameter is ignored.

Default value: false

manage_networkd

Data type: Boolean

Manage the systemd network daemon

Default value: false

networkd_ensure

Data type: Enum['stopped','running']

The state that the networkd service should be in

Default value: 'running'

networkd_package

Data type: Optional[String[1]]

Name of the package required for systemd-networkd, if any

Default value: undef

manage_timesyncd

Data type: Boolean

Manage the systemd timesyncd daemon

Default value: false

timesyncd_ensure

Data type: Enum['stopped','running']

The state that the timesyncd service should be in

Default value: 'running'

timesyncd_package

Data type: Optional[String[1]]

Name of the package required for systemd-timesyncd, if any

Default value: undef

ntp_server

Data type: Optional[Variant[Array,String]]

comma separated list of ntp servers, will be combined with interface specific addresses from systemd-networkd. requires puppetlabs-inifile

Default value: undef

fallback_ntp_server

Data type: Optional[Variant[Array,String]]

A space-separated list of NTP server host names or IP addresses to be used as the fallback NTP servers. Any per-interface NTP servers obtained from systemd-networkd take precedence over this setting. requires puppetlabs-inifile

Default value: undef

timezone

Data type: Optional[String[1]]

Set the system time zone to the specified value. Available timezones can be listed with list-timezones. If the RTC is configured to be in the local time, this will also update the RTC time. This call will alter the /etc/localtime symlink.

Default value: undef

set_local_rtc

Data type: Optional[Boolean]

Takes a boolean argument. If "false", the system is configured to maintain the RTC in universal time. If "true", it will maintain the RTC in local time instead. Note that maintaining the RTC in the local timezone is not fully supported and will create various problems with time zone changes and daylight saving adjustments. If at all possible, keep the RTC in UTC mode.

Default value: undef

manage_journald

Data type: Boolean

Manage the systemd journald

Default value: true

journald_settings

Data type: Systemd::JournaldSettings

Config Hash that is used to configure settings in journald.conf

Default value: {}

manage_journal_upload

Data type: Boolean

Manage the systemd journal upload to a remote server

Default value: false

journal_upload_settings

Data type: Systemd::JournalUploadSettings

Config Hash that is used to configure settings in journal-upload.conf

Default value: {}

manage_journal_remote

Data type: Boolean

Manage the systemd journal remote server used to upload journals

Default value: false

journal_remote_settings

Data type: Systemd::JournalRemoteSettings

Config Hash that is used to configure settings in journal-remote.conf

Default value: {}

manage_udevd

Data type: Boolean

Manage the systemd udev daemon

Default value: false

udev_log

Data type: Optional[Variant[Integer,String]]

The value of /etc/udev/udev.conf udev_log

Default value: undef

udev_children_max

Data type: Optional[Integer]

The value of /etc/udev/udev.conf children_max

Default value: undef

udev_exec_delay

Data type: Optional[Integer]

The value of /etc/udev/udev.conf exec_delay

Default value: undef

udev_event_timeout

Data type: Optional[Integer]

The value of /etc/udev/udev.conf event_timeout

Default value: undef

udev_resolve_names

Data type: Optional[Enum['early', 'late', 'never']]

The value of /etc/udev/udev.conf resolve_names

Default value: undef

udev_timeout_signal

Data type: Optional[Variant[Integer,String]]

The value of /etc/udev/udev.conf timeout_signal

Default value: undef

udev_rules

Data type: Stdlib::CreateResources

Config Hash that is used to generate instances of our udev::rule define.

Default value: {}

udev_reload

Data type: Boolean

Whether udev rules should be automatically reloaded upon change.

Default value: false

machine_info_settings

Data type: Systemd::MachineInfoSettings

Settings to place into /etc/machine-info (hostnamectl)

Default value: {}

manage_logind

Data type: Boolean

Manage the systemd logind

Default value: false

logind_settings

Data type: Systemd::LogindSettings

Config Hash that is used to configure settings in logind.conf

Default value: {}

loginctl_users

Data type: Stdlib::CreateResources

Config Hash that is used to generate instances of our type loginctl_user.

Default value: {}

dropin_files

Data type: Stdlib::CreateResources

Configure dropin files via hiera and systemd::dropin_file with factory pattern

Default value: {}

manage_units

Data type: Stdlib::CreateResources

Configure units via hiera and systemd::manage_unit with factory pattern

Default value: {}

manage_dropins

Data type: Stdlib::CreateResources

Configure dropin files via hiera and systemd::manage_dropin with factory pattern

Default value: {}

manage_all_network_files

Data type: Boolean

Default value: false

network_path

Data type: Stdlib::Absolutepath

where all networkd files are placed in

Default value: '/etc/systemd/network'

manage_accounting

Data type: Boolean

When enabled, the different accounting options (network traffic, IO, CPU util...) are enabled for units.

Default value: false

accounting

Data type: Hash[String,String]

Hash of the different accounting options. This highly depends on the used systemd version. The module provides sane defaults per operating system using Hiera.

Default value: {}

purge_dropin_dirs

Data type: Boolean

When enabled, unused directories for dropin files will be purged

Default value: true

manage_coredump

Data type: Boolean

Should systemd-coredump configuration be managed

Default value: false

coredump_settings

Data type: Systemd::CoredumpSettings

Hash of systemd-coredump configurations for coredump.conf

Default value: {}

coredump_backtrace

Data type: Boolean

Add --backtrace to systemd-coredump call [email protected] unit

Default value: false

manage_oomd

Data type: Boolean

Should systemd-oomd configuration be managed

Default value: false

oomd_package

Data type: Optional[String[1]]

Name of the package required for systemd-oomd, if any

Default value: undef

oomd_ensure

Data type: Enum['stopped','running']

The state that the oomd service should be in

Default value: 'running'

oomd_settings

Data type: Systemd::OomdSettings

Hash of systemd-oomd configurations for oomd.conf

Default value: {}

udev_purge_rules

Data type: Boolean

Toggle if unmanaged files in /etc/udev/rules.d should be purged if manage_udevd is enabled

Default value: false

manage_system_conf

Data type: Boolean

Should system service manager configurations be managed

Default value: false

system_settings

Data type: Systemd::ServiceManagerSettings

Config Hash that is used to configure settings in system.conf NOTE: It's currently impossible to have multiple entries of the same key in the settings.

Default value: {}

manage_user_conf

Data type: Boolean

Should user service manager configurations be managed

Default value: false

user_settings

Data type: Systemd::ServiceManagerSettings

Config Hash that is used to configure settings in user.conf NOTE: It's currently impossible to have multiple entries of the same key in the settings.

Default value: {}

systemd::tmpfiles

Update the systemd temp files

  • See also
    • systemd-tmpfiles(8)

Parameters

The following parameters are available in the systemd::tmpfiles class:

operations

Data type: Array[Enum['create','clean','remove']]

The operations to perform on the systemd tempfiles

  • All operations may be combined but you'll probably only ever want to use create

Default value: ['create']

Defined types

systemd::daemon_reload

Run systemctl daemon-reload

Examples

Force reload the system systemd
notify{ 'fake event to notify from':
  notify => Systemd::Daemon_reload['special']
}
systemd::daemon_reload{ 'special': }
Force reload a systemd --user
notify{ 'fake event to notify from':
  notify => Systemd::Daemon_reload['steve_user']
}
systemd::daemon_reload{ 'steve_user':
  user => 'steve',
}

Parameters

The following parameters are available in the systemd::daemon_reload defined type:

name

A globally unique name for the resource

enable

Data type: Boolean

Enable the reload exec

  • Added in case users want to disable the reload globally using a resource collector

Default value: true

user

Data type: Optional[String[1]]

Specify user name of systemd --user to reload. This not supported below Redhat 9, Ubuntu 22.04 or Debian 12.

Default value: undef

systemd::dropin_file

Creates a drop-in file for a systemd unit

  • See also
    • systemd.unit(5)

Parameters

The following parameters are available in the systemd::dropin_file defined type:

unit

Data type: Systemd::Unit

The target unit file to create

filename

Data type: Systemd::Dropin

The filename of the drop in. The full path is determined using the path, unit and this filename.

Default value: $name

ensure

Data type: Enum['present', 'absent', 'file']

the state of this dropin file

Default value: 'present'

path

Data type: Stdlib::Absolutepath

The main systemd configuration path

Default value: '/etc/systemd/system'

selinux_ignore_defaults

Data type: Boolean

If Puppet should ignore the default SELinux labels.

Default value: false

content

Data type: Optional[Variant[String,Sensitive[String]]]

The full content of the unit file (Mutually exclusive with $source)

Default value: undef

source

Data type: Optional[String]

The File resource compatible source Mutually exclusive with $content

Default value: undef

target

Data type: Optional[Stdlib::Absolutepath]

If set, will force the file to be a symlink to the given target (Mutually exclusive with both $source and $content

Default value: undef

owner

Data type: String

The owner to set on the dropin file

Default value: 'root'

group

Data type: String

The group to set on the dropin file

Default value: 'root'

mode

Data type: String

The mode to set on the dropin file

Default value: '0444'

show_diff

Data type: Boolean

Whether to show the diff when updating dropin file

Default value: true

notify_service

Data type: Boolean

Notify a service for the unit, if it exists

Default value: true

daemon_reload

Data type: Boolean

Call systemd::daemon_reload

Default value: true

systemd::manage_dropin

Creates a drop-in file for a systemd unit from a template

  • See also
    • systemd.unit(5)

Examples

drop in file to change Type and override ExecStart
systemd::manage_dropin { 'myconf.conf':
  ensure        => present,
  unit          => 'myservice.service',
  service_entry => {
    'Type'      => 'oneshot',
    'ExecStart' => ['', '/usr/bin/doit.sh'],
  },
}
drop in file to change a path unit and override TriggerLimitBurst
systemd::manage_dropin { 'triggerlimit.conf':
  ensure     => present,
  unit       => 'passwd.path',
  path_entry => {
    'TriggerLimitBurst' => 100,
  },
}
drop in file to override the LimitCORE for a service
systemd::manage_dropin { 'corelimit.conf':
  ensure     => present,
  unit       => 'rsyslog.conf',
  path_entry => {
    'LimitCORE' => 'infinity',
  },
}
make a noisy unit less noisy
systemd::manage_dropin { 'maxloglevel.conf':
  ensure        => present,
  unit          => 'chatty.service',
  service_entry => {
    'LogLevelMax' => 'warning',
  }
}
have a unit instance auto run before user-.service
systemd::manage_dropin { 'user-aklog.conf':
  unit => '[email protected]',
  unit_entry => {
    'After'    => 'user-aklog@%i.service',
    'Requires' => 'user-aklog@%i.service'
  }
}
set memory limits on the user slices
systemd::manage_dropin { 'userlimits.conf':
  unit        => 'user-.slice',
  slice_entry => {
    MemoryMax        => '10G',
    MemoryAccounting => true,
  }
}
set IO limits on two devices
systemd::manage_dropin { 'devicelimits.conf':
  unit          =>  'special.service',
  service_entry => {
   'IOReadIOPSMax' => [
     ['/dev/afs',100],
     ['/dev/gluster','1000K'],
   ],
  },
}

Parameters

The following parameters are available in the systemd::manage_dropin defined type:

unit

Data type: Systemd::Unit

The unit to create a dropfile for

filename

Data type: Systemd::Dropin

The target unit file to create. The filename of the drop in. The full path is determined using the path, unit and this filename.

Default value: $name

ensure

Data type: Enum['present', 'absent']

The state of this dropin file

Default value: 'present'

path

Data type: Stdlib::Absolutepath

The main systemd configuration path

Default value: '/etc/systemd/system'

selinux_ignore_defaults

Data type: Boolean

If Puppet should ignore the default SELinux labels

Default value: false

owner

Data type: String

The owner to set on the dropin file

Default value: 'root'

group

Data type: String

The group to set on the dropin file

Default value: 'root'

mode

Data type: Stdlib::Filemode

The mode to set on the dropin file

Default value: '0444'

show_diff

Data type: Boolean

Whether to show the diff when updating dropin file

Default value: true

notify_service

Data type: Boolean

Notify a service for the unit, if it exists

Default value: false

daemon_reload

Data type: Boolean

Call systemd::daemon_reload

Default value: true

unit_entry

Data type: Optional[Systemd::Unit::Unit]

key value pairs for [Unit] section of the unit file

Default value: undef

slice_entry

Data type: Optional[Systemd::Unit::Slice]

key value pairs for [Slice] section of the unit file

Default value: undef

service_entry

Data type: Optional[Systemd::Unit::Service]

key value pairs for [Service] section of the unit file

Default value: undef

install_entry

Data type: Optional[Systemd::Unit::Install]

key value pairs for [Install] section of the unit file

Default value: undef

timer_entry

Data type: Optional[Systemd::Unit::Timer]

key value pairs for [Timer] section of the unit file

Default value: undef

path_entry

Data type: Optional[Systemd::Unit::Path]

key value pairs for [Path] section of the unit file

Default value: undef

socket_entry

Data type: Optional[Systemd::Unit::Socket]

key value pairs for the [Socket] section of the unit file

Default value: undef

mount_entry

Data type: Optional[Systemd::Unit::Mount]

key value pairs for the [Mount] section of the unit file

Default value: undef

swap_entry

Data type: Optional[Systemd::Unit::Swap]

key value pairs for the [Swap] section of the unit file

Default value: undef

systemd::manage_unit

Generate unit file from template

  • See also
    • systemd.unit(5)

Examples

Generate a service
systemd::manage_unit { 'myrunner.service':
  unit_entry    => {
    'Description' => 'My great service',
  },
  service_entry => {
    'Type'      => 'oneshot',
    'ExecStart' => '/usr/bin/doit.sh',
  },
  install_entry => {
    'WantedBy' => 'multi-user.target',
  },
}
Genenerate a path unit
systemd::manage_unit { 'passwd-mon.path':
  ensure        => present,
  unit_entry    => {
    'Description' => 'Monitor the passwd file',
  },
  path_entry    => {
    'PathModified' => '/etc/passwd',
    'Unit'         => 'passwd-mon.service',
  },
  install_entry => {
    'WantedBy' => 'multi-user.target',
  },
}
Generate a socket and service (xinetd style)
systemd::manage_unit {'arcd.socket':
  ensure        => 'present',
  unit_entry    => {
    'Description' => 'arcd.service',
  },
  socket_entry  => {
    'ListenStream' => 4241,
    'Accept'       => true,
    'BindIPv6Only' => 'both',
  },
  install_entry => {
    'WantedBy' => 'sockets.target',
  },
}

systemd::manage_unit{'[email protected]':
  ensure        => 'present',
  enable        => true,
  active        => true,
  unit_entry    => {
    'Description'   => 'arc sever for %i',
  },
  service_entry => {
    'Type'          => 'simple',
    'ExecStart'     => /usr/sbin/arcd /usr/libexec/arcd/arcd.pl,
    'StandardInput' => 'socket',
  },
}
Mount a Filesystem and Use for a Service
systemd::manage_unit { 'var-lib-sss-db.mount':
  ensure      => present,
  unit_entry  => {
    'Description' => 'Mount sss tmpfs db',
  },
  mount_entry => {
    'What'    => 'tmpfs',
    'Where'   => '/var/lib/sss/db',
    'Type'    => 'tmpfs',
    'Options' => 'size=300M,mode=0700,uid=sssd,gid=sssd,rootcontext=system_u:object_r:sssd_var_lib_t:s0',
  },
}
systemd::manage_dropin { 'tmpfs-db.conf':
  ensure     => present,
  unit       => 'sssd.service',
  unit_entry => {
    'RequiresMountsFor' => '/var/lib/sss/db',
  },
}
Create and Mount a Swap File
systemd::manage_unit{'swapfile.swap':
  ensure        => present,
  enable        => true,
  active        => true,
  unit_entry    => {
    'Description' => 'Mount /swapfile as a swap file',
    'After'       => 'mkswap.service',
    'Requires'    => 'mkswap.service',
  },
  swap_entry    => {
    'What' => '/swapfile',
  },
  install_entry => {
    'WantedBy' => 'multi-user.target',
  },
  require       => Systemd::Manage_unit['mkswap.service'],
}
systemd::manage_unit{'mkswap.service':
  ensure        => present,
  unit_entry    => {
    'Description'         => 'Format a swapfile at /swapfile',
    'ConditionPathExists' => '!/swapfile',
  },
  service_entry => {
    'Type'      => 'oneshot',
    'UMask'     => '0177',
    'ExecStart' => [
      '/usr/bin/dd if=/dev/zero of=/swapfile bs=1024 count=1000',
      '/usr/sbin/mkswap /swapfile',
    ],
  },
}
Remove a unit file
systemd::manage_unit { 'my.service':
  ensure     => 'absent',
}

Parameters

The following parameters are available in the systemd::manage_unit defined type:

name

Data type: Pattern['^[^/]+\.(service|socket|device|mount|automount|swap|target|path|timer|slice|scope)$']

The target unit file to create

ensure

Data type: Enum['present', 'absent']

The state of the unit file to ensure

Default value: 'present'

path

Data type: Stdlib::Absolutepath

The main systemd configuration path

Default value: '/etc/systemd/system'

owner

Data type: String

The owner to set on the unit file

Default value: 'root'

group

Data type: String

The group to set on the unit file

Default value: 'root'

mode

Data type: Stdlib::Filemode

The mode to set on the unit file

Default value: '0444'

show_diff

Data type: Boolean

Whether to show the diff when updating unit file

Default value: true

enable

Data type: Optional[Variant[Boolean, Enum['mask']]]

If set, manage the unit enablement status

Default value: undef

active

Data type: Optional[Boolean]

If set, will manage the state of the unit

Default value: undef

restart

Data type: Optional[String]

Specify a restart command manually. If left unspecified, a standard Puppet service restart happens

Default value: undef

selinux_ignore_defaults

Data type: Boolean

maps to the same param on the file resource for the unit. false in the module because it's false in the file resource type

Default value: false

service_parameters

Data type: Hash[String[1], Any]

hash that will be passed with the splat operator to the service resource

Default value: {}

daemon_reload

Data type: Boolean

call systemd::daemon-reload to ensure that the modified unit file is loaded

Default value: true

service_restart

Data type: Boolean

restart (notify) the service when unit file changed

Default value: true

unit_entry

Data type: Optional[Systemd::Unit::Unit]

key value pairs for [Unit] section of the unit file.

Default value: undef

slice_entry

Data type: Optional[Systemd::Unit::Slice]

key value pairs for [Slice] section of the unit file

Default value: undef

service_entry

Data type: Optional[Systemd::Unit::Service]

key value pairs for [Service] section of the unit file.

Default value: undef

install_entry

Data type: Optional[Systemd::Unit::Install]

key value pairs for [Install] section of the unit file.

Default value: undef

timer_entry

Data type: Optional[Systemd::Unit::Timer]

key value pairs for [Timer] section of the unit file

Default value: undef

path_entry

Data type: Optional[Systemd::Unit::Path]

key value pairs for [Path] section of the unit file.

Default value: undef

socket_entry

Data type: Optional[Systemd::Unit::Socket]

kev value paors for [Socket] section of the unit file.

Default value: undef

mount_entry

Data type: Optional[Systemd::Unit::Mount]

kev value pairs for [Mount] section of the unit file.

Default value: undef

swap_entry

Data type: Optional[Systemd::Unit::Swap]

kev value pairs for [Swap] section of the unit file.

Default value: undef

systemd::modules_load

Creates a modules-load.d drop file

  • See also
    • modules-load.d(5)

Examples

load a module
systemd::modules_load { 'impi.conf':
   content => "ipmi\n",
}
override /lib/modules-load.d/myservice.conf in /etc/modules-load.d/myservice.conf
systemd::modules_load { 'myservice.conf':
   content => "# Cancel system version of the file\n",
}

Parameters

The following parameters are available in the systemd::modules_load defined type:

filename

Data type: Systemd::Dropin

The name of the modules-load.d file to create

Default value: $name

ensure

Data type: Enum['present', 'absent', 'file']

Whether to drop a file or remove it

Default value: 'file'

path

Data type: Stdlib::Absolutepath

The path to the main systemd modules-load.d directory

Default value: '/etc/modules-load.d'

content

Data type: Optional[String[1]]

The literal content to write to the file

  • Mutually exclusive with $source

Default value: undef

source

Data type: Optional[String[1]]

A File resource compatible source

  • Mutually exclusive with $content

Default value: undef

systemd::network

Creates network config for systemd-networkd

Parameters

The following parameters are available in the systemd::network defined type:

ensure

Data type: Enum['file', 'absent']

configure if the file should be configured or deleted

Default value: file

path

Data type: Stdlib::Absolutepath

directory where the network configs are stored

Default value: '/etc/systemd/network'

content

Data type: Optional[String]

the content of the file

Default value: undef

source

Data type: Optional[String]

a path to a file that's used as source

Default value: undef

target

Data type: Optional[Stdlib::Absolutepath]

optional absolute path in case the file should be stored somewhere else

Default value: undef

owner

Data type: String

the user who owns the file

Default value: 'root'

group

Data type: String

the group that owns the file

Default value: 'root'

mode

Data type: String

the mode of the file

Default value: '0444'

show_diff

Data type: Boolean

whether the file diff should be shown on modifications

Default value: true

restart_service

Data type: Boolean

whether systemd-networkd should be restarted on changes, defaults to true. $systemd::manage_networkd needs to be true as well

Default value: true

systemd::service_limits

Deprecated - Adds a set of custom limits to the service

  • See also
    • systemd.exec(5)

Parameters

The following parameters are available in the systemd::service_limits defined type:

name

Data type: Pattern['^.+\.(service|socket|mount|swap)$']

The name of the service that you will be modifying

ensure

Data type: Enum['present', 'absent', 'file']

Whether to drop a file or remove it

Default value: 'present'

path

Data type: Stdlib::Absolutepath

The path to the main systemd settings directory

Default value: '/etc/systemd/system'

selinux_ignore_defaults

Data type: Boolean

If Puppet should ignore the default SELinux labels.

Default value: false

limits

Data type: Optional[Systemd::ServiceLimits]

A Hash of service limits matching the settings in systemd.exec(5)

  • Mutually exclusive with $source

Default value: undef

source

Data type: Optional[String]

A File resource compatible source

  • Mutually exclusive with $limits

Default value: undef

restart_service

Data type: Boolean

Unused parameter for compatibility with older versions. Will fail if true is passed in.

Default value: false

systemd::timer

Create a timer and optionally a service unit to execute with the timer unit

Parameters

The following parameters are available in the systemd::timer defined type:

name

Data type: Pattern['^.+\.timer$]

The target of the timer unit to create

path

Data type: Stdlib::Absolutepath

The main systemd configuration path

Default value: '/etc/systemd/system'

timer_content

Data type: Optional[String[1]]

The full content of the timer unit file

  • Mutually exclusive with $timer_source

Default value: undef

timer_source

Data type: Optional[String[1]]

The File resource compatible source

  • Mutually exclusive with $timer_content

Default value: undef

service_content

Data type: Optional[String[1]]

The full content of the service unit file

  • Mutually exclusive with $service_source

Default value: undef

service_source

Data type: Optional[String[1]]

The File resource compatible source

  • Mutually exclusive with $service_content

Default value: undef

owner

Data type: String[1]

The owner to set on the dropin file

Default value: 'root'

group

Data type: String[1]

The group to set on the dropin file

Default value: 'root'

mode

Data type: Stdlib::Filemode

The mode to set on the dropin file

Default value: '0444'

show_diff

Data type: Boolean

Whether to show the diff when updating dropin file

Default value: true

service_unit

Data type: Optional[Systemd::Unit]

If set then the service_unit will have this name. If not set the service unit has the same name as the timer unit with s/.timer/.service/

Default value: undef

active

Data type: Optional[Boolean]

If set to true or false the timer service will be maintained. If true the timer service will be running and enabled, if false it will explicitly stopped and disabled.

Default value: undef

enable

Data type: Optional[Variant[Boolean, Enum['mask']]]

If set, will manage the state of the unit.

Default value: undef

ensure

Data type: Enum['present', 'absent', 'file']

Defines the desired state of the timer

Default value: 'present'

daemon_reload

Data type: Boolean

Call systemd::daemon_reload

Default value: true

systemd::timer_wrapper

Helper to define timer and accompanying services for a given task (cron like interface).

Examples

Create a timer that runs every 5 minutes
systemd::timer_wrapper { 'my_timer':
  ensure        => 'present',
  command       => '/usr/bin/echo "Hello World"',
  on_calendar   => '*:0/5',
}
Create a timer with overrides for the service and timer
systemd::timer_wrapper { 'my_timer':
  ensure             => 'present',
  command            => '/usr/bin/echo "Hello World"',
  on_calendar        => '*:0/5',
  service_overrides => { 'Group' => 'nobody' },
  timer_overrides   => { 'OnBootSec' => '10' },
}
Create a timer with overrides for the service_unit and timer_unit
systemd::timer_wrapper { 'my_timer':
  ensure                 => 'present',
  command                => '/usr/bin/echo "Hello World"',
  on_calendar            => '*:0/5',
  service_unit_overrides => { 'Wants' => 'network-online.target' },
  timer_unit_overrides   => { 'Description' => 'Very special timer' },
}

Parameters

The following parameters are available in the systemd::timer_wrapper defined type:

ensure

Data type: Enum['present', 'absent']

whether the timer and service should be present or absent

command

Data type: Optional[Systemd::Unit::Service::Exec]

the command for the systemd servie to execute

Default value: undef

user

Data type: Optional[String[1]]

the user to run the command as

Default value: undef

on_active_sec

Data type: Optional[Systemd::Unit::Timespan]

run service relative to the time when the timer was activated

Default value: undef

on_boot_sec

Data type: Optional[Systemd::Unit::Timespan]

run service relative to when the machine was booted

Default value: undef

on_start_up_sec

Data type: Optional[Systemd::Unit::Timespan]

run service relative to when the service manager was started

Default value: undef

on_unit_active_sec

Data type: Optional[Systemd::Unit::Timespan]

run service relative to when the unit was last activated

Default value: undef

on_unit_inactive_sec

Data type: Optional[Systemd::Unit::Timespan]

run service relative to when the unit was last deactivated

Default value: undef

on_calendar

Data type: Optional[Systemd::Unit::Timespan]

the calendar event expressions time to run the service

Default value: undef

service_overrides

Data type: Systemd::Unit::Service

override for the[Service] section of the service

Default value: {}

timer_overrides

Data type: Systemd::Unit::Timer

override for the[Timer] section of the timer

Default value: {}

service_unit_overrides

Data type: Systemd::Unit::Unit

override for the[Unit] section of the service

Default value: {}

timer_unit_overrides

Data type: Systemd::Unit::Unit

override for the [Unit] section of the timer

Default value: {}

systemd::tmpfile

Creates a systemd tmpfile

  • See also
    • systemd-tmpfiles(8)

Parameters

The following parameters are available in the systemd::tmpfile defined type:

filename

Data type: Systemd::Dropin

The name of the tmpfile to create

Default value: $name

ensure

Data type: Enum['present', 'absent', 'file']

Whether to drop a file or remove it

Default value: 'file'

path

Data type: Stdlib::Absolutepath

The path to the main systemd tmpfiles directory

Default value: '/etc/tmpfiles.d'

content

Data type: Optional[String]

The literal content to write to the file

  • Mutually exclusive with $source

Default value: undef

source

Data type: Optional[String]

A File resource compatible source

  • Mutually exclusive with $limits

Default value: undef

systemd::udev::rule

Adds a custom udev rule

  • See also
    • udev(7)

Parameters

The following parameters are available in the systemd::udev::rule defined type:

name

Data type: Pattern['^.+\.rules$']

The name of the udev rules to create

ensure

Data type: Enum['present', 'absent', 'file']

Whether to drop a file or remove it

Default value: 'file'

path

Data type: Stdlib::Absolutepath

The path to the main systemd settings directory

Default value: '/etc/udev/rules.d'

selinux_ignore_defaults

Data type: Boolean

If Puppet should ignore the default SELinux labels.

Default value: false

notify_services

Data type: Variant[Array[String[1]], String[1]]

List of services to notify when this rule is updated

Default value: []

rules

Data type: Array

The literal udev rules you want to deploy

Default value: []

systemd::unit_file

Creates a systemd unit file

  • See also
    • systemd.unit(5)

Examples

manage unit file + service
systemd::unit_file { 'foo.service':
  content => file("${module_name}/foo.service"),
  enable  => true,
  active  => true,
}

Parameters

The following parameters are available in the systemd::unit_file defined type:

name

Data type: Pattern['^[^/]+\.(service|socket|device|mount|automount|swap|target|path|timer|slice|scope)$']

The target unit file to create

ensure

Data type: Enum['present', 'absent']

The state of the unit file to ensure

Default value: 'present'

path

Data type: Stdlib::Absolutepath

The main systemd configuration path

Default value: '/etc/systemd/system'

content

Data type: Optional[Variant[String, Sensitive[String], Deferred]]

The full content of the unit file

  • Mutually exclusive with $source

Default value: undef

source

Data type: Optional[String]

The File resource compatible source

  • Mutually exclusive with $content

Default value: undef

target

Data type: Optional[Stdlib::Absolutepath]

If set, will force the file to be a symlink to the given target

  • Mutually exclusive with both $source and $content

Default value: undef

owner

Data type: String

The owner to set on the unit file

Default value: 'root'

group

Data type: String

The group to set on the unit file

Default value: 'root'

mode

Data type: String

The mode to set on the unit file

Default value: '0444'

show_diff

Data type: Boolean

Whether to show the diff when updating unit file

Default value: true

enable

Data type: Optional[Variant[Boolean, Enum['mask']]]

If set, will manage the unit enablement status.

Default value: undef

active

Data type: Optional[Boolean]

If set, will manage the state of the unit.

Default value: undef

restart

Data type: Optional[String]

Specify a restart command manually. If left unspecified, a standard Puppet service restart happens.

Default value: undef

selinux_ignore_defaults

Data type: Boolean

maps to the same param on the file resource for the unit. false in the module because it's false in the file resource type

Default value: false

service_parameters

Data type: Hash[String[1], Any]

hash that will be passed with the splat operator to the service resource

Default value: {}

daemon_reload

Data type: Boolean

call systemd::daemon-reload to ensure that the modified unit file is loaded

Default value: true

service_restart

Data type: Boolean

restart (notify) the service when unit file changed

Default value: true

systemd::user_service

Manage a user service running under systemd --user

Examples

Enable a service for all users
systemd::user_service { 'systemd-tmpfiles-clean.timer':
  enable => true,
  global => true,
}
Enable a particular user's service
systemd::user_service { 'podman-auto-update.timer':
  ensure => true,
  enable => true,
  user   => 'steve',
}
Notify a user's service to restart it
file{ '/home/steve/.config/systemd/user/podman-auto-update.timer':
  ensure  => file,
  content => ...,
  notify  => Systemd::User_service['steve-podman-auto-update.timer']
}

systemd::user_service { 'steve-podman-auto-update.timer':
  ensure => true,
  enable => true,
  unit   => 'podman-auto-update.timer',
  user   => 'steve',
}

@param unit Unit name to work on
@param ensure Should the unit be started or stopped. Can only be true if user is specified.
@param enable Should the unit be enabled or disabled
@param user User name of user whose unit should be acted upon. Mutually exclusive with
@param global Act globally for all users. Mutually exclusibe with `user`.

Parameters

The following parameters are available in the systemd::user_service defined type:

unit

Data type: Systemd::Unit

Default value: $title

ensure

Data type: Variant[Boolean,Enum['stopped','running']]

Default value: false

enable

Data type: Boolean

Default value: false

global

Data type: Boolean

Default value: false

user

Data type: Optional[String[1]]

Default value: undef

Resource types

loginctl_user

An arbitrary name used as the identity of the resource.

Properties

The following properties are available in the loginctl_user type.

linger

Valid values: enabled, disabled

Whether linger is enabled for the user.

Default value: disabled

Parameters

The following parameters are available in the loginctl_user type.

name

namevar

An arbitrary name used as the identity of the resource.

provider

The specific backend to use for this loginctl_user resource. You will seldom need to specify this --- Puppet will usually discover the appropriate provider for your platform.

Functions

systemd::escape

Type: Puppet Language

Escape strings as systemd-escape does.

Examples

Escaping a string
$result = systemd::escape('foo::bar')
Escaping a path
$result = systemd::escape('/mnt/foobar',true)

systemd::escape(String[1] $input, Boolean $path = false)

The systemd::escape function.

Returns: String String

Examples
Escaping a string
$result = systemd::escape('foo::bar')
Escaping a path
$result = systemd::escape('/mnt/foobar',true)
input

Data type: String[1]

Input string

path

Data type: Boolean

Use path (-p) ornon-path style escaping.

systemd::systemd_escape

Type: Ruby 4.x API

Escape strings by call the systemd-escape command in the background.

systemd::systemd_escape(String $input, Optional[Optional[Boolean]] $path)

The systemd::systemd_escape function.

Returns: String

input

Data type: String

Input string

path

Data type: Optional[Optional[Boolean]]

Use path (-p) ornon-path style escaping.

Data types

Systemd::Boolean

Defines systemd boolean type representation

Alias of Variant[Systemd::Boolean::True, Systemd::Boolean::False]

Systemd::Boolean::False

Defines systemd boolean "false" type representation

Alias of Variant[Integer[0,0], Enum['no', 'false'], Boolean[false]]

Systemd::Boolean::True

Defines systemd boolean "true" type representation

Alias of Variant[Integer[1], Enum['yes', 'true'], Boolean[true]]

Systemd::Capabilities

Defines allowed capabilities

Alias of Variant[Pattern[/^~?(CAP_[A-Z_]+ *)+$/]]

Systemd::CoredumpSettings

Configurations for coredump.conf

Alias of

Struct[{
    Optional['Storage']         => Enum['none', 'external', 'journal'],
    Optional['Compress']        => Enum['yes','no'],
    Optional['ProcessSizeMax']  => Systemd::Unit::Amount,
    Optional['ExternalSizeMax'] => Systemd::Unit::Amount,
    Optional['JournalSizeMax']  => Systemd::Unit::Amount,
    Optional['MaxUse']          => Systemd::Unit::Amount,
    Optional['KeepFree']        => Systemd::Unit::Amount,
  }]

Systemd::Dropin

custom datatype that validates filenames/paths for valid systemd dropin files

Alias of Pattern['^[^/]+\.conf$']

Systemd::JournalRemoteSettings

matches Systemd journal remote config Struct

Alias of

Struct[{
    Optional['Seal']                   => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
    Optional['SplitMode']              => Variant[Enum['host','none'],Systemd::JournaldSettings::Ensure],
    Optional['ServerKeyFile']          => Variant[Stdlib::Unixpath,Systemd::JournaldSettings::Ensure],
    Optional['ServerCertificateFile']  => Variant[Stdlib::Unixpath,Systemd::JournaldSettings::Ensure],
    Optional['TrustedCertificateFile'] => Variant[Stdlib::Unixpath,Systemd::JournaldSettings::Ensure],
    Optional['MaxUse']                 => Variant[Systemd::Unit::Amount,Systemd::JournaldSettings::Ensure],
    Optional['KeepFree']               => Variant[Systemd::Unit::Amount,Systemd::JournaldSettings::Ensure],
    Optional['MaxFileSize']            => Variant[Systemd::Unit::Amount,Systemd::JournaldSettings::Ensure],
    Optional['MaxFiles']               => Variant[Integer,Systemd::JournaldSettings::Ensure],
  }]

Systemd::JournalUploadSettings

matches Systemd journal upload config Struct

Alias of

Struct[{
    Optional['URL']                    => Variant[Stdlib::HTTPUrl,Systemd::JournaldSettings::Ensure],
    Optional['ServerKeyFile']          => Variant[Stdlib::Unixpath,Systemd::JournaldSettings::Ensure],
    Optional['ServerCertificateFile']  => Variant[Stdlib::Unixpath,Systemd::JournaldSettings::Ensure],
    Optional['TrustedCertificateFile'] => Variant[Stdlib::Unixpath,Systemd::JournaldSettings::Ensure],
    Optional['NetworkTimeoutSec']      => Variant[Systemd::Unit::Timespan,Systemd::JournaldSettings::Ensure],
  }]

Systemd::JournaldSettings

Matches Systemd journald config Struct

Alias of

Struct[{
    Optional['Storage']              => Variant[Enum['volatile','persistent','auto','none'],Systemd::JournaldSettings::Ensure],
    Optional['Compress']             => Variant[Enum['yes','no'], Systemd::Unit::Amount ,Systemd::JournaldSettings::Ensure],
    Optional['Seal']                 => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
    Optional['SplitMode']            => Variant[Enum['uid','none'],Systemd::JournaldSettings::Ensure],
    Optional['RateLimitInterval']    => Variant[Pattern[/^[0-9]+(s|min|h|ms|us)?$/],Systemd::JournaldSettings::Ensure],
    Optional['RateLimitIntervalSec'] => Variant[Pattern[/^[0-9]+(s|min|h|ms|us)?$/],Systemd::JournaldSettings::Ensure],
    Optional['RateLimitBurst']       => Variant[Integer[0], Pattern[/^[0-9]+$/],Systemd::JournaldSettings::Ensure],
    Optional['SystemMaxUse']         => Variant[Systemd::Unit::AmountOrPercent,Systemd::JournaldSettings::Ensure],
    Optional['SystemKeepFree']       => Variant[Systemd::Unit::AmountOrPercent,Systemd::JournaldSettings::Ensure],
    Optional['SystemMaxFileSize']    => Variant[Systemd::Unit::AmountOrPercent,Systemd::JournaldSettings::Ensure],
    Optional['SystemMaxFiles']       => Variant[Integer[0], Pattern[/^[0-9]+$/],Systemd::JournaldSettings::Ensure],
    Optional['RuntimeMaxUse']        => Variant[Systemd::Unit::AmountOrPercent ,Systemd::JournaldSettings::Ensure],
    Optional['RuntimeKeepFree']      => Variant[Systemd::Unit::AmountOrPercent ,Systemd::JournaldSettings::Ensure],
    Optional['RuntimeMaxFileSize']   => Variant[Systemd::Unit::AmountOrPercent ,Systemd::JournaldSettings::Ensure],
    Optional['RuntimeMaxFiles']      => Variant[Integer[0], Pattern[/^[0-9]+$/],Systemd::JournaldSettings::Ensure],
    Optional['MaxFileSec']           => Variant[Pattern[/^[0-9]+(year|month|week|day|h|m)?$/],Systemd::JournaldSettings::Ensure],
    Optional['MaxRetentionSec']      => Variant[Pattern[/^[0-9]+(year|month|week|day|h|m)?$/],Systemd::JournaldSettings::Ensure],
    Optional['SyncIntervalSec']      => Variant[Pattern[/^[0-9]+(year|month|week|day|h|m)?$/],Systemd::JournaldSettings::Ensure],
    Optional['ForwardToSyslog']      => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
    Optional['ForwardToKMsg']        => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
    Optional['ForwardToConsole']     => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
    Optional['ForwardToWall']        => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
    Optional['MaxLevelStore']        => Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'],Integer[0,7],Systemd::JournaldSettings::Ensure],
    Optional['MaxLevelSyslog']       => Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'],Integer[0,7],Systemd::JournaldSettings::Ensure],
    Optional['MaxLevelKMsg']         => Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'],Integer[0,7],Systemd::JournaldSettings::Ensure],
    Optional['MaxLevelConsole']      => Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'],Integer[0,7],Systemd::JournaldSettings::Ensure],
    Optional['MaxLevelWall']         => Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'],Integer[0,7],Systemd::JournaldSettings::Ensure],
    Optional['ReadKMsg']             => Variant[Enum['yes','no'],Systemd::JournaldSettings::Ensure],
    Optional['TTYPath']              => Variant[Stdlib::Absolutepath,Systemd::JournaldSettings::Ensure],
    Optional['LineMax']              => Variant[Systemd::Unit::Amount,Systemd::JournaldSettings::Ensure],
  }]

Systemd::JournaldSettings::Ensure

defines allowed ensure states for systemd-journald settings

Alias of Struct[{ 'ensure' => Enum['present','absent'] }]

Systemd::LogLevel

Defines allowed log levels

Alias of Variant[Enum['emerg','alert','crit','err','warning','notice','info','debug'], Integer[0,7]]

Systemd::LogindSettings

Matches Systemd Login Manager Struct

Alias of

Struct[{
    Optional['HandleHibernateKey']           => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
    Optional['HandleLidSwitch']              => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
    Optional['HandleLidSwitchDocked']        => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
    Optional['HandleLidSwitchExternalPower'] => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
    Optional['HandlePowerKey']               => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
    Optional['HandleSuspendKey']             => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
    Optional['HibernateKeyIgnoreInhibited']  => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
    Optional['HoldoffTimeoutSec']            => Variant[Integer,Systemd::LogindSettings::Ensure],
    Optional['IdleAction']                   => Variant[Enum['ignore','poweroff','reboot','halt','kexec','suspend','hibernate','hybrid-sleep','suspend-then-hibernate','lock'],Systemd::LogindSettings::Ensure],
    Optional['IdleActionSec']                => Variant[Integer,Systemd::LogindSettings::Ensure],
    Optional['InhibitDelayMaxSec']           => Variant[Integer,Systemd::LogindSettings::Ensure],
    Optional['InhibitorsMax']                => Variant[Integer,Systemd::LogindSettings::Ensure],
    Optional['KillExcludeUsers']             => Variant[Array[String],Systemd::LogindSettings::Ensure],
    Optional['KillOnlyUsers']                => Variant[Array[String],Systemd::LogindSettings::Ensure],
    Optional['KillUserProcesses']            => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
    Optional['LidSwitchIgnoreInhibited']     => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
    Optional['NAutoVTs']                     => Variant[Integer,Systemd::LogindSettings::Ensure],
    Optional['PowerKeyIgnoreInhibited']      => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
    Optional['RemoveIPC']                    => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
    Optional['ReserveVT']                    => Variant[Integer,Systemd::LogindSettings::Ensure],
    Optional['RuntimeDirectorySize']         => Variant[Systemd::Unit::AmountOrPercent ,Systemd::LogindSettings::Ensure],
    Optional['SessionsMax']                  => Variant[Systemd::Unit::Amount,Systemd::LogindSettings::Ensure],
    Optional['SuspendKeyIgnoreInhibited']    => Variant[Enum['yes','no'],Systemd::LogindSettings::Ensure],
    Optional['UserTasksMax']                 => Variant[Systemd::Unit::Amount,Systemd::LogindSettings::Ensure],
    Optional['StopIdleSessionSec']           => Variant[Systemd::Unit::Amount,Systemd::LogindSettings::Ensure]
  }]

Systemd::LogindSettings::Ensure

defines allowed ensure states for systemd-logind settings

Alias of Struct[{ 'ensure' => Enum['present','absent'] }]

Systemd::MachineInfoSettings

Matches Systemd machine-info (hostnamectl) file Struct

Alias of

Struct[{
    Optional['PRETTY_HOSTNAME'] => String[1],
    Optional['ICON_NAME']       => String[1],
    Optional['CHASSIS']         => String[1],
    Optional['DEPLOYMENT']      => String[1],
    Optional['LOCATION']        => String[1],
    Optional['HARDWARE_VENDOR'] => String[1],
    Optional['HARDWARE_MODEL']  => String[1],
  }]

Systemd::OomdSettings

Configurations for oomd.conf

Alias of

Struct[{
    Optional['SwapUsedLimit']                    => Pattern[/^[0-9]+[%|‰|‱]$/],
    Optional['DefaultMemoryPressureLimit']       => Pattern[/^[0-9]+%$/],
    Optional['DefaultMemoryPressureDurationSec'] => Integer[0],
  }]

Systemd::Output

Used in DefaultStandardOutput/DefaultStandardError e.g.

Alias of Enum['inherit', 'null', 'tty', 'journal', 'journal+console', 'kmsg', 'kmsg+console']

Systemd::ServiceLimits

Deprecated - Matches Systemd Service Limit Struct

Alias of

Struct[{
    Optional['LimitCPU']            => Pattern['^\d+(s|m|h|d|w|M|y)?(:\d+(s|m|h|d|w|M|y)?)?$'],
    Optional['LimitFSIZE']          => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitDATA']           => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitSTACK']          => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitCORE']           => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitRSS']            => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitNOFILE']         => Variant[Integer[-1],Pattern['^(infinity|\d+(:(infinity|\d+))?)$']],
    Optional['LimitAS']             => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitNPROC']          => Variant[Integer[-1],Pattern['^(infinity|\d+(:(infinity|\d+))?)$']],
    Optional['LimitMEMLOCK']        => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitLOCKS']          => Integer[1],
    Optional['LimitSIGPENDING']     => Integer[1],
    Optional['LimitMSGQUEUE']       => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitNICE']           => Variant[Integer[0,40], Pattern['^(-\+([0-1]?[0-9]|20))|([0-3]?[0-9]|40)$']],
    Optional['LimitRTPRIO']         => Integer[0],
    Optional['LimitRTTIME']         => Pattern['^\d+(ms|s|m|h|d|w|M|y)?(:\d+(ms|s|m|h|d|w|M|y)?)?$'],
    Optional['CPUAccounting']       => Boolean,
    Optional['CPUShares']           => Integer[2,262144],
    Optional['StartupCPUShares']    => Integer[2,262144],
    Optional['CPUQuota']            => Pattern['^([1-9][0-9]*)%$'],
    Optional['MemoryAccounting']    => Boolean,
    Optional['MemoryLow']           => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
    Optional['MemoryMin']           => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
    Optional['MemoryHigh']          => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
    Optional['MemoryMax']           => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
    Optional['MemoryLimit']         => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
    Optional['MemorySwapMax']       => Pattern['\A(infinity|\d+(K|M|G|T|%)?(:\d+(K|M|G|T|%)?)?)\z'],
    Optional['TasksAccounting']     => Boolean,
    Optional['TasksMax']            => Variant[Integer[1],Pattern['^(infinity|([1-9][0-9]?$|^100)%)$']],
    Optional['IOAccounting']        => Boolean,
    Optional['IOWeight']            => Integer[1,10000],
    Optional['StartupIOWeight']     => Integer[1,10000],
    Optional['IODeviceWeight']      => Array[Hash[Stdlib::Absolutepath, Integer[1,10000], 1, 1]],
    Optional['IOReadBandwidthMax']  => Array[Hash[Stdlib::Absolutepath, Pattern['^(\d+(K|M|G|T)?)$'], 1, 1]],
    Optional['IOWriteBandwidthMax'] => Array[Hash[Stdlib::Absolutepath, Pattern['^(\d+(K|M|G|T)?)$'], 1, 1]],
    Optional['IOReadIOPSMax']       => Array[Hash[Stdlib::Absolutepath, Pattern['^(\d+(K|M|G|T)?)$'], 1, 1]],
    Optional['IOWriteIOPSMax']      => Array[Hash[Stdlib::Absolutepath, Pattern['^(\d+(K|M|G|T)?)$'], 1, 1]],
    Optional['DeviceAllow']         => String[1],
    Optional['DevicePolicy']        => Enum['auto','closed','strict'],
    Optional['Slice']               => String[1],
    Optional['Delegate']            => Boolean,
    Optional['OOMScoreAdjust']      => Integer[-1000,1000]
  }]

Systemd::ServiceManagerSettings

NOTE: Systemd::SettingEnsure here allows to delete the setting from the INI file. See the example below for Hiera:

systemd::system_settings:
  LogLevel:
    ensure: absent

Alias of

Struct[{
    Optional['LogLevel'] => Variant[Systemd::LogLevel, Systemd::SettingEnsure],
    Optional['LogTarget'] => Variant[Enum['console','console-prefixed','kmsg','journal','journal-or-kmsg','auto','null'], Systemd::SettingEnsure],
    Optional['LogColor'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
    Optional['LogLocation'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
    Optional['LogTime'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
    Optional['DumpCore'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
    Optional['ShowStatus'] => Variant[Systemd::Boolean, Enum['auto','error'], Systemd::SettingEnsure],
    Optional['CrashChangeVT'] => Variant[Systemd::Boolean, Integer[1,63], Systemd::SettingEnsure],
    Optional['CrashShell'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
    Optional['CrashReboot'] => Variant[Systemd::Boolean, Systemd::SettingEnsure], # Obsoleted by CrashAction in v256, delete after Debian 12 EOL
    Optional['CrashAction'] => Variant[Enum['freeze', 'reboot', 'poweroff'], Systemd::SettingEnsure],
    Optional['CtrlAltDelBurstAction'] => Variant[Enum['reboot-force','poweroff-force','reboot-immediate','poweroff-immediate','none'], Systemd::SettingEnsure],
    Optional['CPUAffinity'] => Variant[Enum['numa'], Pattern['^[0-9, -]+$'], Systemd::SettingEnsure],
    Optional['NUMAPolicy'] => Variant[Enum['default','preferred','bind','interleave','local'], Systemd::SettingEnsure],
    Optional['NUMAMask'] => Variant[Enum['all'], Pattern['^[0-9, -]+$'], Systemd::SettingEnsure],
    Optional['RuntimeWatchdogSec'] => Variant[Enum['off','default'], Systemd::Timespan, Systemd::SettingEnsure],
    Optional['RuntimeWatchdogPreSec'] => Variant[Enum['off'], Systemd::Timespan, Systemd::SettingEnsure],
    Optional['RuntimeWatchdogPreGovernor'] => Variant[Enum['noop', 'panic'], String[1], Systemd::SettingEnsure],
    Optional['RebootWatchdogSec'] => Variant[Enum['off','default'], Systemd::Timespan, Systemd::SettingEnsure],
    Optional['KExecWatchdogSec'] => Variant[Enum['off','default'], Systemd::Timespan, Systemd::SettingEnsure],
    Optional['WatchdogDevice'] => Variant[Stdlib::Absolutepath, Systemd::SettingEnsure],
    Optional['CapabilityBoundingSet'] => Variant[Systemd::Capabilities, Systemd::SettingEnsure],
    Optional['NoNewPrivileges'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
    Optional['ProtectSystem'] => Variant[Enum['auto'], Systemd::Boolean, Systemd::SettingEnsure],
    Optional['SystemCallArchitectures'] => Variant[String[1], Systemd::SettingEnsure],
    Optional['TimerSlackNSec'] => Variant[Systemd::Timespan, Systemd::SettingEnsure],
    Optional['StatusUnitFormat'] => Variant[Enum['combined','description','name'], Systemd::SettingEnsure],
    Optional['DefaultTimerAccuracySec'] => Variant[Systemd::Timespan, Systemd::SettingEnsure],
    Optional['DefaultStandardOutput'] => Variant[Systemd::Output, Systemd::SettingEnsure],
    Optional['DefaultStandardError'] => Variant[Systemd::Output, Systemd::SettingEnsure],
    Optional['DefaultTimeoutStartSec'] => Variant[Systemd::Timespan, Systemd::SettingEnsure],
    Optional['DefaultTimeoutStopSec'] => Variant[Systemd::Timespan, Systemd::SettingEnsure],
    Optional['DefaultTimeoutAbortSec'] => Variant[Systemd::Timespan, Systemd::SettingEnsure],
    Optional['DefaultDeviceTimeoutSec'] => Variant[Systemd::Timespan, Systemd::SettingEnsure],
    Optional['DefaultRestartSec'] => Variant[Systemd::Timespan, Systemd::SettingEnsure],
    Optional['DefaultStartLimitIntervalSec'] => Variant[Enum['infinity'], Systemd::Timespan, Systemd::SettingEnsure],
    Optional['DefaultStartLimitBurst'] => Variant[Integer[0], Systemd::SettingEnsure],
    Optional['DefaultEnvironment'] => Variant[String, Systemd::SettingEnsure],
    Optional['ManagerEnvironment'] => Variant[String, Systemd::SettingEnsure],
    Optional['DefaultCPUAccounting'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
    Optional['DefaultBlockIOAccounting'] => Variant[Systemd::Boolean, Systemd::SettingEnsure], # Deprecated in v252. Delete after Debian 11 EOL
    Optional['DefaultIOAccounting'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
    Optional['DefaultIPAccounting'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
    Optional['DefaultMemoryAccounting'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
    Optional['DefaultTasksAccounting'] => Variant[Systemd::Boolean, Systemd::SettingEnsure],
    Optional['DefaultTasksMax'] => Variant[Enum['infinity'], Integer[0], Systemd::Unit::Percent, Systemd::SettingEnsure],
    Optional['DefaultLimitCPU'] => Variant[Enum['infinity'], Pattern['^\d+(s|m|h|d|w|M|y)?(:\d+(s|m|h|d|w|M|y)?)?$'], Systemd::SettingEnsure],
    Optional['DefaultLimitFSIZE'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
    Optional['DefaultLimitDATA'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
    Optional['DefaultLimitSTACK'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
    Optional['DefaultLimitCORE'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
    Optional['DefaultLimitRSS'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
    Optional['DefaultLimitNOFILE'] => Variant[Integer[-1], Pattern['^(infinity|\d+(:(infinity|\d+))?)$'], Systemd::SettingEnsure],
    Optional['DefaultLimitAS'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
    Optional['DefaultLimitNPROC'] => Variant[Integer[-1],Pattern['^(infinity|\d+(:(infinity|\d+))?)$'], Systemd::SettingEnsure],
    Optional['DefaultLimitMEMLOCK'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
    Optional['DefaultLimitLOCKS'] => Variant[Integer[1], Systemd::SettingEnsure],
    Optional['DefaultLimitSIGPENDING'] => Variant[Integer[1], Systemd::SettingEnsure],
    Optional['DefaultLimitMSGQUEUE'] => Variant[Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'], Systemd::SettingEnsure],
    Optional['DefaultLimitNICE'] => Variant[Integer[0,40], Pattern['^(-\+([0-1]?[0-9]|20))|([0-3]?[0-9]|40)$'], Systemd::SettingEnsure],
    Optional['DefaultLimitRTPRIO'] => Variant[Integer[0], Systemd::SettingEnsure],
    Optional['DefaultLimitRTTIME'] => Variant[Pattern['^\d+(ms|s|m|h|d|w|M|y)?(:\d+(ms|s|m|h|d|w|M|y)?)?$'], Systemd::SettingEnsure],
    Optional['DefaultOOMPolicy'] => Variant[Enum['continue', 'stop','kill'], Systemd::SettingEnsure],
    Optional['DefaultSmackProcessLabel'] => Variant[String, Systemd::SettingEnsure],
    Optional['ReloadLimitIntervalSec'] => Variant[Enum['infinity'], Systemd::Timespan, Systemd::SettingEnsure],
    Optional['ReloadLimitBurst'] => Variant[Integer[0], Systemd::SettingEnsure],
    Optional['DefaultMemoryPressureWatch'] => Variant[Systemd::SettingEnsure],
    Optional['DefaultMemoryPressureThresholdSec'] => Variant[Systemd::SettingEnsure],
  }]

Systemd::SettingEnsure

Defines allowed ensure states for an ini_setting

Alias of Struct[{ 'ensure' => Enum['absent'] }]

Systemd::Timespan

Defines a timespan type

Alias of Variant[Integer[0], Pattern[/^([0-9]+ *(usec|us|msec|ms|seconds?|sec|s|minutes?|min|m|hours?|hr|h|days?|d|weeks?|w|months?|M|years?|y)? *)+$/]]

Systemd::Unit

custom datatype that validates different filenames for systemd units and unit templates

Alias of Pattern[/^[a-zA-Z0-9:\-_.\\@%]+\.(service|socket|device|mount|automount|swap|target|path|timer|slice|scope)$/]

Systemd::Unit::Amount

Systemd definition of amount, often bytes or united bytes Some man pages are lagging behind and only report support up to Tera. https://github.com/systemd/systemd/blob/main/src/basic/format-util.c shows support for Peta and Exa.

Alias of Variant[Integer[0], Pattern['\A(infinity|\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)\z']]

Systemd::Unit::AmountOrPercent

Systemd definition of amount, often bytes or united bytes

Alias of Variant[Systemd::Unit::Amount, Systemd::Unit::Percent]

Systemd::Unit::Install

Possible keys for the [Install] section of a unit file

Alias of

Struct[{
    Optional['Alias']      => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['WantedBy']   => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['RequiredBy'] => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['Also']       => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
  }]

Systemd::Unit::Mount

Possible keys for the [Mount] section of a unit file

Alias of

Struct[{
    Optional['What']          => String[1],
    Optional['Where']         => Stdlib::Unixpath,
    Optional['Type']          => String[1],
    Optional['Options']       => String[1],
    Optional['SloppyOptions'] => Boolean,
    Optional['LazyUnmount']   => Boolean,
    Optional['ReadWriteOnly'] => Boolean,
    Optional['ForceUnmount']  => Boolean,
    Optional['DirectoryMode'] => Stdlib::Filemode,
    Optional['TimeoutSec']    => String[0],
  }]

Systemd::Unit::Path

Possible keys for the [Path] section of a unit file

Alias of

Struct[{
    Optional['PathExists']              => Variant[Enum[''],Stdlib::Unixpath,Array[Variant[Enum[''],Stdlib::Unixpath],1]],
    Optional['PathExistsGlob']          => Variant[Enum[''],Stdlib::Unixpath,Array[Variant[Enum[''],Stdlib::Unixpath],1]],
    Optional['PathChanged']             => Variant[Enum[''],Stdlib::Unixpath,Array[Variant[Enum[''],Stdlib::Unixpath],1]],
    Optional['PathModified']            => Variant[Enum[''],Stdlib::Unixpath,Array[Variant[Enum[''],Stdlib::Unixpath],1]],
    Optional['DirectoryNotEmpty']       => Variant[Enum[''],Stdlib::Unixpath,Array[Variant[Enum[''],Stdlib::Unixpath],1]],
    Optional['Unit']                    => Systemd::Unit,
    Optional['MakeDirectory']           => Boolean,
    Optional['DirectoryMode']           => Pattern[/\A[0-7]{1,4}\z/],
    Optional['TriggerLimitIntervalSec'] => String,
    Optional['TriggerLimitBurst']       => Integer[0],
  }]

Systemd::Unit::Percent

Systemd definition of a percentage

Alias of Pattern['\A([0-9][0-9]?|100)%\z']

Systemd::Unit::Service

Possible keys for the [Service] section of a unit file

Alias of

Struct[{
    Optional['AmbientCapabilities']       => Variant[Pattern[/^CAP_[A-Z_]+$/],Array[Pattern[/^CAP_[A-Z_]+$/],1]],
    Optional['UMask']                     => String[3,4],
    Optional['User']                      => String[1],
    Optional['Group']                     => String[1],
    Optional['DynamicUser']               => Boolean,
    Optional['SupplementaryGroups']       => Variant[String[0],Array[String[0],1]],
    Optional['WorkingDirectory']          => String[0],
    Optional['Type']                      => Enum['simple', 'exec', 'forking', 'oneshot', 'dbus', 'notify', 'idle'],
    Optional['ExitType']                  => Enum['main', 'cgroup'],
    Optional['RemainAfterExit']           => Boolean,
    Optional['GuessMainPID']              => Boolean,
    Optional['PIDFile']                   => Stdlib::Unixpath,
    Optional['BusName']                   => String[1],
    Optional['ExecStart']                 => Variant[Systemd::Unit::Service::Exec,Array[Systemd::Unit::Service::Exec,1]],
    Optional['ExecStartPre']              => Variant[Systemd::Unit::Service::Exec,Array[Systemd::Unit::Service::Exec,1]],
    Optional['ExecStartPost']             => Variant[Systemd::Unit::Service::Exec,Array[Systemd::Unit::Service::Exec,1]],
    Optional['ExecCondition']             => Variant[Systemd::Unit::Service::Exec,Array[Systemd::Unit::Service::Exec,1]],
    Optional['ExecReload']                => Variant[Systemd::Unit::Service::Exec,Array[Systemd::Unit::Service::Exec,1]],
    Optional['ExecStop']                  => Variant[Systemd::Unit::Service::Exec,Array[Systemd::Unit::Service::Exec,1]],
    Optional['ExecStopPost']              => Variant[Systemd::Unit::Service::Exec,Array[Systemd::Unit::Service::Exec,1]],
    Optional['KillSignal']                => Pattern[/^SIG[A-Z]+$/],
    Optional['KillMode']                  => Enum['control-group', 'mixed', 'process', 'none'],
    Optional['Nice']                      => Variant[String[0,0],Integer[-20,19]],
    Optional['IOSchedulingClass']         => Enum['','realtime','best-effort','idle'],
    Optional['IOSchedulingPriority']      => Variant[String[0,0],Integer[0,7]],
    Optional['SyslogIdentifier']          => String,
    Optional['LogLevelMax']               => Enum['emerg','alert','crit','err','warning','notice','info','debug'],
    Optional['LimitCPU']                  => Pattern['^\d+(s|m|h|d|w|M|y)?(:\d+(s|m|h|d|w|M|y)?)?$'],
    Optional['LimitFSIZE']                => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitDATA']                 => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitSTACK']                => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitCORE']                 => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitRSS']                  => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitNOFILE']               => Variant[Integer[-1],Pattern['^(infinity|\d+(:(infinity|\d+))?)$']],
    Optional['LimitAS']                   => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitNPROC']                => Variant[Integer[-1],Pattern['^(infinity|\d+(:(infinity|\d+))?)$']],
    Optional['LimitMEMLOCK']              => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitLOCKS']                => Integer[1],
    Optional['LimitSIGPENDING']           => Integer[1],
    Optional['LimitMSGQUEUE']             => Pattern['^(infinity|((\d+(K|M|G|T|P|E)?(:\d+(K|M|G|T|P|E)?)?)))$'],
    Optional['LimitNICE']                 => Variant[Integer[0,40], Pattern['^(-\+([0-1]?[0-9]|20))|([0-3]?[0-9]|40)$']],
    Optional['LimitRTPRIO']               => Integer[0],
    Optional['LimitRTTIME']               => Pattern['^\d+(ms|s|m|h|d|w|M|y)?(:\d+(ms|s|m|h|d|w|M|y)?)?$'],
    Optional['CPUAccounting']             => Boolean,
    Optional['CPUShares']                 => Integer[2,262144],
    Optional['StartupCPUShares']          => Integer[2,262144],
    Optional['CPUQuota']                  => Pattern['^([1-9][0-9]*)%$'], # bigger than 100% is okay.
    Optional['MemoryAccounting']          => Boolean,
    Optional['MemoryLow']                 => Systemd::Unit::AmountOrPercent,
    Optional['MemoryMin']                 => Systemd::Unit::AmountOrPercent,
    Optional['MemoryHigh']                => Systemd::Unit::AmountOrPercent,
    Optional['MemoryMax']                 => Systemd::Unit::AmountOrPercent,
    Optional['MemoryLimit']               => Systemd::Unit::Amount,
    Optional['MemorySwapMax']             => Systemd::Unit::AmountOrPercent,
    Optional['TasksAccounting']           => Boolean,
    Optional['TasksMax']                  => Systemd::Unit::AmountOrPercent,
    Optional['IOAccounting']              => Boolean,
    Optional['IOWeight']                  => Integer[1,10000],
    Optional['StartupIOWeight']           => Integer[1,10000],
    Optional['IODeviceWeight']            => Variant[Tuple[Stdlib::Absolutepath, Integer[1,10000]],Array[Tuple[Stdlib::Absolutepath, Integer[1,10000]]]],
    Optional['IOReadBandwidthMax']        => Variant[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount],Array[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount]]],
    Optional['IOWriteBandwidthMax']       => Variant[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount],Array[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount]]],
    Optional['IOReadIOPSMax']             => Variant[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount],Array[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount]]],
    Optional['IOWriteIOPSMax']            => Variant[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount],Array[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount]]],
    Optional['DeviceAllow']               => String[1],
    Optional['DevicePolicy']              => Enum['auto','closed','strict'],
    Optional['Slice']                     => String[1],
    Optional['Delegate']                  => Boolean,
    Optional['RestartSec']                => Variant[Integer[0],String],
    Optional['TimeoutStartSec']           => Variant[Integer[0],String],
    Optional['TimeoutStopSec']            => Variant[Integer[0],String],
    Optional['TimeoutAbortSec']           => Variant[Integer[0],String],
    Optional['TimeoutSec']                => Variant[Integer[0],String],
    Optional['TimeoutStartFailureMode']   => Enum['terminate', 'abort', 'kill'],
    Optional['TimeoutStopFailureMode']    => Enum['terminate', 'abort', 'kill'],
    Optional['RuntimeMaxSec']             => Variant[Integer[0],String],
    Optional['RuntimeRandomizedExtraSec'] => Variant[Integer[0],String],
    Optional['WatchdogSec']               => Variant[Integer[0],String],
    Optional['Restart']                   => Enum['no', 'on-success', 'on-failure', 'on-abnormal', 'on-watchdog', 'on-abort', 'always'],
    Optional['SuccessExitStatus']         => String,
    Optional['RestartPreventExitStatus']  => String,
    Optional['RestartForceExitStatus']    => String,
    Optional['RootDirectoryStartOnly']    => Boolean,
    Optional['NonBlocking']               => Boolean,
    Optional['NotifyAccess']              => Enum['none', 'default', 'main', 'exec',  'all'],
    Optional['OOMPolicy']                 => Enum['continue', 'stop','kill'],
    Optional['OOMScoreAdjust']            => Integer[-1000,1000],
    Optional['Environment']               => Variant[String[0],Array[String[1],1]],
    Optional['EnvironmentFile']           => Variant[
      Stdlib::Unixpath,Pattern[/-\/.+/],
      Array[Variant[Stdlib::Unixpath,Pattern[/-\/.+/]],1],
    ],
    Optional['StandardOutput']            => Variant[Enum['inherit','null','tty','journal','kmsg','journal+console','kmsg+console','socket'],Pattern[/\A(file:|append:|truncate:).+$\z/]],
    Optional['StandardError']             => Variant[Enum['inherit','null','tty','journal','kmsg','journal+console','kmsg+console','socket'],Pattern[/\A(file:|append:|truncate:).+$\z/]],
    Optional['StandardInput']             => Variant[Enum['null','tty','tty-force','tty-fail','data','socket'], Pattern[/\A(file:|fd:).+$\z/]],
    Optional['PrivateTmp']                => Boolean,
    Optional['RuntimeDirectory']          => String,
    Optional['RuntimeDirectoryMode']      => Stdlib::Filemode,
    Optional['StateDirectory']            => String,
    Optional['LogsDirectory']             => String,
    Optional['LogsDirectoryMode']         => Stdlib::Filemode,
    Optional['LogRateLimitIntervalSec']   => Variant[Pattern[/^[0-9]+(s|min|h|ms|us)?$/]],
    Optional['LogRateLimitBurst']         => Variant[Integer[0], Pattern[/^[0-9]+$/]],
    Optional['ProtectSystem']             => Variant[Boolean, Enum['full', 'strict']],
    Optional['ProtectHome']               => Variant[Boolean, Enum['read-only', 'tmpfs']],
    Optional['BindPaths']                 => Variant[Stdlib::Unixpath,Pattern[/-\/.+/], Array[Variant[Stdlib::Unixpath,Pattern[/-\/.+/]],1]],
    Optional['BindReadOnlyPaths']         => Variant[Stdlib::Unixpath,Pattern[/-\/.+/], Array[Variant[Stdlib::Unixpath,Pattern[/-\/.+/]],1]],
    Optional['PrivateDevices']            => Boolean,
    Optional['RemoveIPC']                 => Boolean,
    Optional['ProtectKernelModules']      => Boolean,
    Optional['ProtectKernelTunables']     => Boolean,
    Optional['ProtectControlGroups']      => Boolean,
    Optional['RestrictRealtime']          => Boolean,
    Optional['RestrictAddressFamilies']   => Variant[Enum['AF_UNIX', 'AF_INET', 'AF_INET6', 'AF_NETLINK', 'none'], Array[Enum['AF_UNIX', 'AF_INET', 'AF_INET6', 'AF_NETLINK', 'none']]],
    Optional['RestrictNamespaces']        => Variant[Boolean, Enum['ipc', 'net', 'mnt', 'pid', 'user', 'uts', 'cgroup'], Array[Enum['ipc', 'net', 'mnt', 'pid', 'user', 'uts', 'cgroup']]],
    Optional['SystemCallArchitectures']   => Variant[String, Array[String]],
    Optional['SystemCallFilter']          => Variant[String, Array[String]],
    Optional['SystemCallErrorNumber']     => String,
    Optional['ProtectClock']              => Boolean,
    Optional['PrivateUsers']              => Boolean,
    Optional['ProtectKernelLogs']         => Boolean,
    Optional['ProtectProc']               => Enum['noaccess', 'invisible', 'ptraceable', 'default'],
    Optional['ProtectHostname']           => Boolean,
    Optional['RestrictSUIDSGID']          => Boolean,
    Optional['CapabilityBoundingSet']     => Variant[String, Array[String]],
    Optional['NoNewPrivileges']           => Boolean,
    Optional['LockPersonality']           => Boolean,
    Optional['NetworkNamespacePath']      => Stdlib::Unixpath,
    Optional['MemoryDenyWriteExecute']    => Boolean,
  }]

Systemd::Unit::Service::Exec

Possible strings for ExecStart, ExecStartPrep, ...

Alias of Variant[Enum[''], Pattern[/^[@\-:]*(\+|!|!!)?[@\-:]*\/.*/], Pattern[/^[@\-:]*(\+|!|!!)?[@\-:]*[^\/]*(\s.*)?$/]]

Systemd::Unit::Slice

Possible keys for the [Slice] section of a unit file

Alias of

Struct[{
    Optional['CPUAccounting']       => Boolean,
    Optional['CPUQuota']            => Pattern['^([1-9][0-9]*)%$'], # bigger than 100% is okay.
    Optional['CPUShares']           => Integer[2,262144],
    Optional['CPUWeight']           => Variant[Enum['idle'],Integer[1,10000]],
    Optional['Delegate']            => Boolean,
    Optional['DeviceAllow']         => Pattern['^(/dev/)|(char-)|(block-).*$'],
    Optional['DevicePolicy']        => Enum['auto','closed','strict'],
    Optional['IOAccounting']        => Boolean,
    Optional['IODeviceWeight']      => Variant[Tuple[Stdlib::Absolutepath, Integer[1,10000]],Array[Tuple[Stdlib::Absolutepath, Integer[1,10000]]]],
    Optional['IOReadBandwidthMax']  => Variant[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount],Array[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount]]],
    Optional['IOReadIOPSMax']       => Variant[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount],Array[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount]]],
    Optional['IOWeight']            => Integer[1,10000],
    Optional['IOWriteBandwidthMax'] => Variant[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount],Array[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount]]],
    Optional['IOWriteIOPSMax']      => Variant[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount],Array[Tuple[Stdlib::Absolutepath, Systemd::Unit::Amount]]],
    Optional['IPAccounting']        => Boolean,
    Optional['MemoryAccounting']    => Boolean,
    Optional['MemoryHigh']          => Systemd::Unit::AmountOrPercent,
    Optional['MemoryLimit']         => Systemd::Unit::AmountOrPercent, # depprecated in systemd
    Optional['MemoryLow']           => Systemd::Unit::AmountOrPercent,
    Optional['MemoryMax']           => Systemd::Unit::AmountOrPercent,
    Optional['MemoryMin']           => Systemd::Unit::AmountOrPercent,
    Optional['MemorySwapMax']       => Systemd::Unit::AmountOrPercent,
    Optional['Slice']               => String[1],
    Optional['StartupCPUShares']    => Integer[2,262144],
    Optional['StartupIOWeight']     => Integer[1,10000],
    Optional['TasksAccounting']     => Boolean,
    Optional['TasksMax']            => Systemd::Unit::AmountOrPercent,
  }]

Systemd::Unit::Socket

Possible keys for the [Socket] section of a unit file

Alias of

Struct[{
    Optional['ListenStream']            => Variant[Stdlib::Port,String[1]],
    Optional['ListenDatagram']          => Variant[Stdlib::Port,String[1]],
    Optional['ListenSequentialPacket']  => Variant[Stdlib::Port,String[1]],
    Optional['ListenFIFO']              => Stdlib::Unixpath,
    Optional['ListenSpecial']           => Stdlib::Unixpath,
    Optional['ListenNetlink']           => String[1],
    Optional['ListenMessageQueue']      => Pattern[/\A\/.*\z/],
    Optional['ListenUSBFunction']       => Stdlib::Unixpath,
    Optional['SocketProtocol']          => Enum['udplite', 'sctp'],
    Optional['BindIPv6Only']            => Enum['default', 'both', 'ipv6-only'],
    Optional['Backlog']                 => Integer[0],
    Optional['BindToDevice']            => String[1],
    Optional['SocketUser']              => String[1],
    Optional['SocketGroup']             => String[1],
    Optional['SocketMode']              => Stdlib::Filemode,
    Optional['DirectoryMode']           => Stdlib::Filemode,
    Optional['Accept']                  => Boolean,
    Optional['Writable']                => Boolean,
    Optional['FlushPending']            => Boolean,
    Optional['MaxConnections']          => Integer[0],
    Optional['MaxConnectionsPerSource'] => Integer[0],
    Optional['KeepAlive']               => Boolean,
    Optional['KeepAliveTimeSec']        => Integer[0],
    Optional['KeepAliveIntervalSec']    => Integer[0],
    Optional['KeepAliveProbes']         => Integer[0],
    Optional['NoDelay']                 => Boolean,
    Optional['Priority']                => Integer,
    Optional['DeferAcceptSec']          => Integer[0],
    Optional['ReceiveBuffer']           => Variant[Integer[0],String[1]],
    Optional['SendBuffer']              => Variant[Integer[0],String[1]],
    Optional['IPTOS']                   => Variant[Integer,Enum['low-delay', 'throughput', 'reliability', 'low-cost']],
    Optional['IPTTL']                   => Integer[0],
    Optional['Mark']                    => String[1],
    Optional['ReusePort']               => Boolean,
    Optional['SmackLabel']              => String[1],
    Optional['SmackLabelIPIn']          => String[1],
    Optional['SmackLabelIPOut']         => String[1],
    Optional['SELinuxContextFromNet']   => Boolean,
    Optional['PipeSize']                => Variant[Integer[0],String[1]],
    Optional['FreeBind']                => Boolean,
    Optional['Transparent']             => Boolean,
    Optional['Broadcast']               => Boolean,
    Optional['PassCredentials']         => Boolean,
    Optional['PassSecurity']            => Boolean,
    Optional['PassPacketInfo']          => Boolean,
    Optional['Timestamping']            => Enum['off', 'us', 'usec', 'ns'],
    Optional['TCPCongestion']           => Enum['westwood', 'veno', 'cubic', 'lp'],
    Optional['ExecStartPre']            => Variant[Systemd::Unit::Service::Exec,Array[Systemd::Unit::Service::Exec,1]],
    Optional['ExecStartPost']           => Variant[Systemd::Unit::Service::Exec,Array[Systemd::Unit::Service::Exec,1]],
    Optional['ExecStopPre']             => Variant[Systemd::Unit::Service::Exec,Array[Systemd::Unit::Service::Exec,1]],
    Optional['ExecStopPost']            => Variant[Systemd::Unit::Service::Exec,Array[Systemd::Unit::Service::Exec,1]],
    Optional['TimeoutSec']              => String[1],
    Optional['Service']                 => Systemd::Unit,
    Optional['RemoveOnStop']            => Boolean,
    Optional['Symlinks']                => Variant[Stdlib::Unixpath,Array[Stdlib::Unixpath,1]],
    Optional['FileDescriptorName']      => String[1,255],
    Optional['TriggerLimitIntervalSec'] => String[1],
    Optional['TriggerLimitBurst']       => Integer[0],
  }]

Systemd::Unit::Swap

Possible keys for the [Swap] section of a unit file

Alias of

Struct[{
    Optional['What']          => String[1],
    Optional['Options']       => String[1],
    Optional['Priority']      => Integer,
    Optional['TimeoutSec']    => Variant[Integer[0],String[0]]
  }]

Systemd::Unit::Timer

Possible keys for the [Timer] section of a unit file

Alias of

Struct[{
    Optional['OnActiveSec']        => Systemd::Unit::Timespan,
    Optional['OnBootSec']          => Systemd::Unit::Timespan,
    Optional['OnStartUpSec']       => Systemd::Unit::Timespan,
    Optional['OnUnitActiveSec']    => Systemd::Unit::Timespan,
    Optional['OnUnitInactiveSec']  => Systemd::Unit::Timespan,
    Optional['OnCalendar']         => Systemd::Unit::Timespan,
    Optional['AccuracySec']        => Variant[Integer[0],String],
    Optional['RandomizedDelaySec'] => Variant[Integer[0],String],
    Optional['FixedRandomDelay']   => Boolean,
    Optional['OnClockChange']      => Boolean,
    Optional['OnTimezoneChange']   => Boolean,
    Optional['Unit']               => Systemd::Unit,
    Optional['Persistent']         => Boolean,
    Optional['WakeSystem']         => Boolean,
    Optional['RemainAfterElapse']  => Boolean,
  }]

Systemd::Unit::Timespan

Timer specification for systemd time spans, e.g. timers.

Alias of Variant[Integer[0], String, Array[Variant[Integer[0],String]]]

Systemd::Unit::Unit

Possible keys for the [Unit] section of a unit file

Alias of

Struct[{
    Optional['Description']               => Variant[String,Array[String,1]],
    Optional['Documentation']             => Variant[String,Array[String,1]],
    Optional['Wants']                     => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['Requires']                  => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['Requisite']                 => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['BindsTo']                   => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['PartOf']                    => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['Upholds']                   => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['Conflicts']                 => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['Before']                    => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['After']                     => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['OnFailure']                 => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['OnSuccess']                 => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['PropagatesReloadTo']        => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['ReloadPropagatedFrom']      => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['PropagatesStopTo']          => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['StopPropagatedFrom']        => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['JoinsNamespaceOf']          => Variant[Enum[''],Systemd::Unit,Array[Variant[Enum[''],Systemd::Unit],1]],
    Optional['RequiresMountsFor']         => Variant[Enum[''],Stdlib::Unixpath,Array[Variant[Enum[''],Stdlib::Unixpath],1]],
    Optional['OnSuccessJobMode']          => Enum['fail', 'replace', 'replace-irreversibly', 'isolate', 'flush', 'ignore-dependencies', 'ignore-requirements'],
    Optional['OnFailureJobMode']          => Enum['fail', 'replace', 'replace-irreversibly', 'isolate', 'flush', 'ignore-dependencies', 'ignore-requirements'],
    Optional['IgnoreOnIsolate']           => Boolean,
    Optional['StopWhenUnneeded']          => Boolean,
    Optional['RefuseManualStart']         => Boolean,
    Optional['RefuseManualStop']          => Boolean,
    Optional['AllowIsolate']              => Boolean,
    Optional['DefaultDependencies']       => Boolean,
    Optional['SurviveFinalKillSignal']    => Boolean,
    Optional['CollectMode']               => Enum['inactive', 'inactive-or-failed'],
    Optional['FailureAction']             => Enum['none', 'reboot', 'reboot-force', 'reboot-immediate', 'poweroff', 'poweroff-force', 'poweroff-immediate', 'exit', 'exit-force', 'soft-reboot', 'soft-reboot-force', 'kexec', 'kexec-force', 'halt', 'halt-force', 'halt-immediate'],
    Optional['SuccessAction']             => Enum['none', 'reboot', 'reboot-force', 'reboot-immediate', 'poweroff', 'poweroff-force', 'poweroff-immediate', 'exit', 'exit-force', 'soft-reboot', 'soft-reboot-force', 'kexec', 'kexec-force', 'halt', 'halt-force', 'halt-immediate'],
    Optional['FailureActionExitStatus']   => Variant[Enum[''],Integer[0, 255]],
    Optional['SuccessActionExitStatus']   => Variant[Enum[''],Integer[0, 255]],
    # Conditions and Asserts
    Optional['AssertPathExists']          => Variant[Enum[''],Stdlib::Unixpath,Pattern[/^!.*$/],Array[Variant[Enum[''],Stdlib::Unixpath,Pattern[/^!.*$/]],1]],
    Optional['AssertPathIsDirectory']     => Variant[Enum[''],Stdlib::Unixpath,Pattern[/^!.*$/],Array[Variant[Enum[''],Stdlib::Unixpath,Pattern[/^!.*$/]],1]],
    Optional['ConditionPathExists']       => Variant[Enum[''],Stdlib::Unixpath,Pattern[/^!.*$/],Array[Variant[Enum[''],Stdlib::Unixpath,Pattern[/^!.*$/]],1]],
    Optional['ConditionPathIsDirectory']  => Variant[Enum[''],Stdlib::Unixpath,Pattern[/^!.*$/],Array[Variant[Enum[''],Stdlib::Unixpath,Pattern[/^!.*$/]],1]],
    Optional['ConditionPathIsMountPoint'] => Variant[Enum[''],Stdlib::Unixpath,Pattern[/^!.*$/],Array[Variant[Enum[''],Stdlib::Unixpath,Pattern[/^!.*$/]],1]],
    Optional['StartLimitIntervalSec']     => String[1],
    Optional['StartLimitBurst']           => Integer[1],
  }]

Tasks

systemctl_show

Get systemctl show output of a unit

Supports noop? false

Parameters

bin_path

Data type: String[1]

Path to systemctl binary

properties

Data type: Array[String[1]]

Properties to retrieve from the unit

unit_name

Data type: String[1]

Name of the unit