29 lines
737 B
YAML
29 lines
737 B
YAML
- name: create override directory
|
|
file:
|
|
path: "/etc/systemd/system/{{ item }}.service.d"
|
|
mode: 0755
|
|
state: directory
|
|
loop: "{{ services }}"
|
|
- name: disable mount namespaces
|
|
copy:
|
|
content: |
|
|
[Service]
|
|
ProtectSystem=false
|
|
PrivateTmp=false
|
|
PrivateDevices=false
|
|
ProtectHome=false
|
|
ProtectControlGroups=false
|
|
ProtectKernelModules=false
|
|
InaccessibleDirectories=
|
|
ReadOnlyDirectories=
|
|
ReadWriteDirectories=
|
|
InaccessiblePaths=
|
|
ReadOnlyPaths=
|
|
ReadWritePaths=
|
|
dest: "/etc/systemd/system/{{ item }}.service.d/override.conf"
|
|
loop: "{{ services }}"
|
|
register: service_overrides
|
|
notify:
|
|
- reload systemd
|
|
- restart service for overrides
|