From 745697803a50d0cd1ba932aa7e021214d22cb2d8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Sachse?= <joerg.sachse@slub-dresden.de>
Date: Thu, 7 Mar 2024 16:30:50 +0100
Subject: [PATCH] feat: place systemd units into
 '/usr/local/lib/systemd/system/' directory for improved handling

---
 .../systemd/system}/chmod_sip_uploads.service |  0
 .../systemd/system}/chown_dip_access.service  |  0
 tasks/install_subapp.yml                      | 55 ++++++++++++++++---
 .../lib/systemd/system}/disapp.service.j2     |  0
 .../lib/systemd/system}/subapp.service.j2     |  0
 .../webservice_status_SLUBarchiv.service.j2   |  0
 6 files changed, 48 insertions(+), 7 deletions(-)
 rename files/{etc/systemd/user => usr/local/lib/systemd/system}/chmod_sip_uploads.service (100%)
 rename files/{etc/systemd/user => usr/local/lib/systemd/system}/chown_dip_access.service (100%)
 rename templates/{etc/systemd/user => usr/local/lib/systemd/system}/disapp.service.j2 (100%)
 rename templates/{etc/systemd/user => usr/local/lib/systemd/system}/subapp.service.j2 (100%)
 rename templates/{etc/systemd/user => usr/local/lib/systemd/system}/webservice_status_SLUBarchiv.service.j2 (100%)

diff --git a/files/etc/systemd/user/chmod_sip_uploads.service b/files/usr/local/lib/systemd/system/chmod_sip_uploads.service
similarity index 100%
rename from files/etc/systemd/user/chmod_sip_uploads.service
rename to files/usr/local/lib/systemd/system/chmod_sip_uploads.service
diff --git a/files/etc/systemd/user/chown_dip_access.service b/files/usr/local/lib/systemd/system/chown_dip_access.service
similarity index 100%
rename from files/etc/systemd/user/chown_dip_access.service
rename to files/usr/local/lib/systemd/system/chown_dip_access.service
diff --git a/tasks/install_subapp.yml b/tasks/install_subapp.yml
index 04ae6b8..89a933e 100644
--- a/tasks/install_subapp.yml
+++ b/tasks/install_subapp.yml
@@ -40,10 +40,49 @@
     state: latest
     allow_unauthenticated: "true"
 
+
+
+##### BEGIN #####
+
+# Previously, our systemd unit files were installed below "/etc/systemd/user/"
+# and activated semi-manually by calling
+# `systemctl enable /full/path/to/systemd-unit.service`. This was the only way
+# to make short names like "subapp.service" usable, which is a major
+# convenience win in everyday operations. On the other hand, it also makes the
+# SubApp start on bootup, which isn't always the desired and safe behaviour.
+#
+# To improve upon this situation, we're now moving the systemd units to
+# "/usr/local/lib/systemd/system/", which, according to systemd's manual, is
+# the more suitable location and also enables the use of short service names
+# even if a service is not enabled and thus doesn't automatically startup on
+# (re)boot.
+
+- name: find systemd units that are installed in the wrong location
+  ansible.builtin.find:
+    paths:
+      - "/etc/systemd/user/"
+    patterns:
+      - "*.service"
+  register: old_unit_files
+
+- name: disable and stop services
+  ansible.builtin.systemd:
+    unit: "{{ item.path | basename }}"
+    enabled: false
+    status: stopped
+  loop: "{{ old_unit_files.files }}"
+  when: old_unit_files.matched > 0
+
+- name: create directory for Systemd unitfiles
+  ansible.builtin.file:
+    path: "/usr/local/lib/systemd/system/"
+    state: directory
+    mode: "0755"
+
 - name: Systemd-Unitfiles installieren (Templates)
   ansible.builtin.template:
-    src: "etc/systemd/user/{{ item }}.j2"
-    dest: "/etc/systemd/user/{{ item }}"
+    src: "usr/local/lib/systemd/system/{{ item }}.j2"
+    dest: "/usr/local/lib/systemd/system/{{ item }}"
     owner: "{{ vault_subapp_vars.files.subapp.owner }}"
     group: "{{ vault_subapp_vars.files.subapp.group }}"
     mode: "0644"
@@ -58,8 +97,8 @@
 
 - name: Systemd-Unitfiles installieren (Files)
   ansible.builtin.copy:
-    src: "etc/systemd/user/{{ item }}"
-    dest: "/etc/systemd/user/{{ item }}"
+    src: "usr/local/lib/systemd/system/{{ item }}"
+    dest: "/usr/local/lib/systemd/system/{{ item }}"
     mode: "0644"
   loop:
     - "chmod_sip_uploads.service"
@@ -82,8 +121,8 @@
   loop:
     - "chmod_sip_uploads.service"
     - "chown_dip_access.service"
-    - "disapp.service"
-    - "subapp.service"
+    # - "disapp.service"    # DO NOT ENABLE, we want to start the DisApp manually after (re)boots.
+    # - "subapp.service"    # DO NOT ENABLE, we want to start the SubApp manually after (re)boots.
     - "webservice_status_SLUBarchiv.service"
   register: subapp_services_enabled
   changed_when: false
@@ -94,11 +133,13 @@
   tags: [systemd]
 
 - name: Services automatisch bei jedem Booten starten
-  ansible.builtin.command: "systemctl enable /etc/systemd/user/{{ item.item }}"        # noqak no-changed-when command-instead-of-module
+  ansible.builtin.command: "systemctl enable {{ item.item }}"        # noqak no-changed-when command-instead-of-module
   loop: "{{ subapp_services_enabled.results }}"
   when: item.stdout != "enabled"
   tags: [systemd]
 
+##### END #####
+
 - name: git installieren
   ansible.builtin.apt:
     name: "git"
diff --git a/templates/etc/systemd/user/disapp.service.j2 b/templates/usr/local/lib/systemd/system/disapp.service.j2
similarity index 100%
rename from templates/etc/systemd/user/disapp.service.j2
rename to templates/usr/local/lib/systemd/system/disapp.service.j2
diff --git a/templates/etc/systemd/user/subapp.service.j2 b/templates/usr/local/lib/systemd/system/subapp.service.j2
similarity index 100%
rename from templates/etc/systemd/user/subapp.service.j2
rename to templates/usr/local/lib/systemd/system/subapp.service.j2
diff --git a/templates/etc/systemd/user/webservice_status_SLUBarchiv.service.j2 b/templates/usr/local/lib/systemd/system/webservice_status_SLUBarchiv.service.j2
similarity index 100%
rename from templates/etc/systemd/user/webservice_status_SLUBarchiv.service.j2
rename to templates/usr/local/lib/systemd/system/webservice_status_SLUBarchiv.service.j2
-- 
GitLab