<%- | Nspawn::Systemd::Nspawn $data | -%> [Exec] <%- $exec = $data['Exec'] -%> <%- if $exec['Boot'] == false { -%> Boot=no <%- } elsif $exec['Boot'] == true { -%> Boot=yes <%- } -%> <%- if $exec['Ephemeral'] == false { -%> Ephemeral=no <%- } elsif $exec['Ephemeral'] == true { -%> Ephemeral=yes <%- } -%> <%- if $exec['ProcessTwo'] == false { -%> ProcessTwo=no <%- } elsif $exec['ProcessTwo'] == true { -%> ProcessTwo=yes <%- } -%> <%- unless $exec['Parameters'] =~ Undef { -%> <%- if $exec['Parameters'] =~ String { -%> Parameters=<%= $exec['Parameters'] %> <%- } else { -%> Parameters=<%= $exec['Parameters'].map |$param| { if ' ' in $param { if '"' in $param { "'${param}'" } else { "\"${param}\"" } } else { $param } }.join(' ') %> <%- } } -%> <%- unless $exec['Environment'] =~ Undef { -%> <%- $exec['Environment'].each |$key, $value| { -%> Environment=<%= $key %>=<%= $value %> <%- } } -%> <%- unless $exec['User'] =~ Undef { -%> User=<%= $exec['User'] %> <%- } -%> <%- unless $exec['WorkingDirectory'] =~ Undef { -%> WorkingDirectory=<%= $exec['WorkingDirectory'] %> <%- } -%> <%- unless $exec['PivotRoot'] =~ Undef { -%> PivotRoot=<%= $exec['PivotRoot'] %> <%- } -%> <%- unless $exec['Capability'] =~ Undef { -%> Capability=<% if $exec['Capability'] == 'all' {%>all<%} else { %><%= $exec['Capability'].join(' ') -%> <%- } } -%> <%- unless $exec['DropCapability'] =~ Undef { -%> DropCapability=<% if $exec['DropCapability'] == 'all' {%>all<%} else { %><%= $exec['DropCapability'].join(' ') -%> <%- } } -%> <%- unless $exec['AmbientCapability'] =~ Undef { -%> AmbientCapability=<%= $exec['AmbientCapability'].join(' ') -%> <%- } -%> <%- unless $exec['NoNewPrivileges'] =~ Undef { -%> NoNewPrivileges=<%= if $exec['NoNewPrivileges'] { 'yes' } else { 'no' }%> <%- } -%> <%- unless $exec['KillSignal'] =~ Undef { -%> KillSignal=<%= $exec['KillSignal'] %> <%- } -%> <%- unless $exec['Personality'] =~ Undef { -%> Personality=<%= $exec['Personality'] %> <%- } -%> <%- unless $exec['MachineID'] =~ Undef { -%> MachineID=<%= $exec['MachineID'] %> <%- } -%> <%- unless $exec['PrivateUsers'] =~ Undef { -%> PrivateUsers=<%= if $exec['PrivateUsers'] =~ Boolean { if $exec['PrivateUsers'] { 'yes' } else { 'no' } } elsif $exec['PrivateUsers'] =~ Tuple { "<%= $exec['PrivateUsers'].join(':') %>" } else { $exec['PrivateUsers'] } %><%- } -%> <%- unless $exec['NotifyReady'] =~ Undef { -%> NotifyReady=<%= if $exec['NotifyReady'] { 'yes' } else { 'no' }%> <%- } -%> <%- unless $exec['SystemCallFilter'] =~ Undef { -%> SystemCallFilter=<%= $exec['SystemCallFilter'].join(' ') %> <%- } -%> <%- unless $exec['LimitCPU'] =~ Undef { -%> <%- if $exec['LimitCPU'] =~ Tuple { -%> LimitCPU=<%= $exec['LimitCPU'].join(':') %> <%- } else { -%> LimitCPU=<%= $exec['LimitCPU'] %> <%- } -%> <%- } -%> <%- unless $exec['LimitFSIZE'] =~ Undef { -%> <%- if $exec['LimitFSIZE'] =~ Tuple { -%> LimitFSIZE=<%= $exec['LimitFSIZE'].join(':') %> <%- } else { -%> LimitFSIZE=<%= $exec['LimitFSIZE'] %> <%- } -%> <%- } -%> <%- unless $exec['LimitDATA'] =~ Undef { -%> <%- if $exec['LimitDATA'] =~ Tuple { -%> LimitDATA=<%= $exec['LimitDATA'].join(':') %> <%- } else { -%> LimitDATA=<%= $exec['LimitDATA'] %> <%- } -%> <%- } -%> <%- unless $exec['LimitSTACK'] =~ Undef { -%> <%- if $exec['LimitSTACK'] =~ Tuple { -%> LimitSTACK=<%= $exec['LimitSTACK'].join(':') %> <%- } else { -%> LimitSTACK=<%= $exec['LimitSTACK'] %> <%- } -%> <%- } -%> <%- unless $exec['limitSTACK'] =~ Undef { -%> <%- if $exec['limitSTACK'] =~ Tuple { -%> limitSTACK=<%= $exec['limitSTACK'].join(':') %> <%- } else { -%> limitSTACK=<%= $exec['limitSTACK'] %> <%- } -%> <%- } -%> <%- unless $exec['LimitCORE'] =~ Undef { -%> <%- if $exec['LimitCORE'] =~ Tuple { -%> LimitCORE=<%= $exec['LimitCORE'].join(':')%> <%- } else { -%> LimitCORE=<%= $exec['LimitCORE'] %> <%- } -%> <%- } -%> <%- unless $exec['LIMITRSS'] =~ Undef { -%> <%- if $exec['LIMITRSS'] =~ Tuple { -%> LIMITRSS=<%= $exec['LIMITRSS'].join(':') %> <%- } else { -%> LIMITRSS=<%= $exec['LIMITRSS'] %> <%- } -%> <%- } -%> <%- unless $exec['LimitNOFILE'] =~ Undef { -%> <%- if $exec['LimitNOFILE'] =~ Tuple { -%> LimitNOFILE=<%= $exec['LimitNOFILE'].join(':') %> <%- } else { -%> LimitNOFILE=<%= $exec['LimitNOFILE'] %> <%- } -%> <%- } -%> <%- unless $exec['LimitAS'] =~ Undef { -%> <%- if $exec['LimitAS'] =~ Tuple { -%> LimitAS=<%= $exec['LimitAS'].join(':') %> <%- } else { -%> LimitAS=<%= $exec['LimitAS'] %> <%- } -%> <%- } -%> <%- unless $exec['LimitNPROC'] =~ Undef { -%> <%- if $exec['LimitNPROC'] =~ Tuple { -%> LimitNPROC=<%= $exec['LimitNPROC'].join(':') %> <%- } else { -%> LimitNPROC=<%= $exec['LimitNPROC'] %> <%- } -%> <%- } -%> <%- unless $exec['LimitLOCKS'] =~ Undef { -%> <%- if $exec['LimitLOCKS'] =~ Tuple { -%> LimitLOCKS=<%= $exec['LimitLOCKS'].join(':') %> <%- } else { -%> LimitLOCKS=<%= $exec['LimitLOCKS'] %> <%- } -%> <%- } -%> <%- unless $exec['LimitSIGPENDING'] =~ Undef { -%> <%- if $exec['LimitSIGPENDING'] =~ Tuple { -%> LimitSIGPENDING=<%= $exec['LimitSIGPENDING'].join(':') %> <%- } else { -%> LimitSIGPENDING=<%= $exec['LimitSIGPENDING'] %> <%- } -%> <%- } -%> <%- unless $exec['LimitMSGQUEUE'] =~ Undef { -%> <%- if $exec['LimitMSGQUEUE'] =~ Tuple { -%> LimitMSGQUEUE=<%= $exec['LimitMSGQUEUE'].join(':') %> <%- } else { -%> LimitMSGQUEUE=<%= $exec['LimitMSGQUEUE'] %> <%- } -%> <%- } -%> <%- unless $exec['LimitNICE'] =~ Undef { -%> <%- if $exec['LimitNICE'] =~ Tuple { -%> LimitNICE=<%= $exec['LimitNICE'].join(':') %> <%- } else { -%> LimitNICE=<%= $exec['LimitNICE'] %> <%- } -%> <%- } -%> <%- unless $exec['LimitRTPRIO'] =~ Undef { -%> <%- if $exec['LimitRTPRIO'] =~ Tuple { -%> LimitRTPRIO=<%= $exec['LimitRTPRIO'].join(':') %> <%- } else { -%> LimitRTPRIO=<%= $exec['LimitRTPRIO'] %> <%- } -%> <%- } -%> <%- unless $exec['LimitRTTIME'] =~ Undef { -%> <%- if $exec['LimitRTTIME'] =~ Tuple { -%> LimitRTTIME=<%= $exec['LimitRTTIME'].join(':') %> <%- } else { -%> LimitRTTIME=<%= $exec['LimitRTTIME'] %> <%- } -%> <%- } -%> <%- unless $exec['OOMScoreAdjust'] =~ Undef { -%> OOMScoreAdjust=<%= $exec['OOMScoreAdjust'] %> <%- } -%> <%- unless $exec['CPUAffinity'] =~ Undef { -%> CPUAffinity=<%= $exec['CPUAffinity'].map |$aff| { if $aff =~ Tuple { "${aff[0]}-${aff[1]}" } else { "${aff}" }.join(',') } %> <%- } -%> <%- unless $exec['Hostname'] =~ Undef { -%> Hostname=<%= $exec['Hostname'] %> <%- } -%> <%- unless $exec['ResolvConf'] =~ Undef { -%> ResolvConf=<%= $exec['ResolvConf'] %> <%- } -%> <%- unless $exec['Timezone'] =~ Undef { -%> Timezone=<%= $exec['Timezone'] %> <%- } -%> <%- unless $exec['LinkJournal'] =~ Undef { -%> LinkJournal=<%= $exec['LinkJournal'] %> <%- } -%> [Files] <%- unless $exec['ReadOnly'] =~ Undef { -%> ReadOnly=<%= if $exec['ReadOnly'] { 'yes' } else { 'no' } %> <%- } -%> <%- unless $exec['Volatile'] =~ Undef { -%> <%- if $exec['Volatile'] =~ Boolean { -%> Volatile=<%= if $exec['Volatile'] { 'yes' } else { 'no' } %> <%- } else { -%> Volatile=<%= $exec['Volatile'] %> <%- } -%> <%- } -%> <%- unless $exec['Bind'] =~ Undef { $exec['Bind'].each |$bind| { -%> <%- if $bind =~ Tuple[String, String] { -%> Bind=<%= $bind[0] %>:<%= $bind[1] %> <%- } elsif $bind =~ Tuple[String, String, Array[String]] { -%> Bind=<%= $bind[0] %>:<%= $bind[1] %>:<%= $bind[2].join(':') %> <%- } elsif $bind =~ Struct { -%> Bind=<%= $bind['source'] %>:<%= $bind['dest'] %><%- if $bind['options'] { %>:<%= $bind['options'].join(':') %><%- } -%> <%- } else { -%> Bind=<%= $exec['Bind'] %> <%- } -%> <%- }} -%> <%- unless $exec['BindReadOnly'] =~ Undef { $exec['Bind'].each |$bind| { -%> <%- if $bind =~ Tuple[String, String] { -%> BindReadOnly=<%= $bind[0] %>:<%= $bind[1] %> <%- } elsif $bind =~ Tuple[String, String, Array[String]] { -%> BindReadOnly=<%= $bind[0] %>:<%= $bind[1] %>:<%= $bind[2].join(':') %> <%- } elsif $bind =~ Struct { -%> BindReadOnly=<%= $bind['source'] %>:<%= $bind['dest'] %><%- if $bind['options'] { %>:<%= $bind['options'].join(':') %><%- } -%> <%- } else { -%> BindReadOnly=<%= $exec['Bind'] %> <%- } -%> <%- }} -%> <%- unless $exec['BindUser'] =~ Undef {$exec['BindUser'].each |$user| { -%> BindUser=<%= $user %> <%- } } -%> <%- unless $exec['TemporaryFileSystem'] =~ Undef {$exec['TemporaryFileSystem'].each |$fs| { -%> TemporaryFileSystem=<%= if $fs =~ Tuple { $fs.join(':') } else { $fs } %> <%- } } -%> <%- unless $exec['Inaccessible'] =~ Undef {$exec['Inaccessible'].each |$path| { -%> Inaccessible=<%= $path %> <%- } } -%> <%- unless $exec['Overlay'] =~ Undef {$exec['Overlay'].each |$paths| { -%> Overlay=<%= $paths.join(':') %> <%- } } -%> <%- unless $exec['OverlayReadOnly'] =~ Undef {$exec['OverlayReadOnly'].each |$paths| { -%> OverlayReadOnly=<%= $paths.join(':') %> <%- } } -%> <%- unless $exec['PrivateUsersOwnership'] =~ Undef { -%> PrivateUsersOwnership=<%= $exec['PrivateUsersOwnership'] %> <%- } -%> [Network] <%- unless $exec['Private'] =~ Undef { -%> Private=<%= if $exec['Private'] { 'yes' } else { 'no' } %> <%- } -%> <%- unless $exec['VirtualEthernet'] =~ Undef { -%> VirtualEthernet=<%= if $exec['VirtualEthernet'] { 'yes' } else { 'no' } %> <%- } -%> <%- unless $exec['VirtualEthernetExtra'] =~ Undef { $exec['VirtualEthernetExtra'].each |$interface| { -%> VirtualEthernetExtra=<%= if $interface =~ Tuple { $interface.join(':') } else { $interface } %> <%- } -%> <%- } -%> <%- unless $exec['Interface'] =~ Undef { -%> Interface=<%= $exec['Interface'].join(' ') %> <%- } -%> <%- unless $exec['MACVLAN'] =~ Undef { -%> MACVLAN=<%= $exec['MACVLAN'].join(' ') %> <%- } -%> <%- unless $exec['IPVLAN'] =~ Undef { -%> IPVLAN=<%= $exec['IPVLAN'].join(' ') %> <%- } -%> <%- unless $exec['Bridge'] =~ Undef { -%> Bridge=<%= $exec['Bridge'] %> <%- } -%> <%- unless $exec['Zone'] =~ Undef { -%> Zone=<%= $exec['Zone'] %> <%- } -%> <%- unless $exec['Port'] =~ Undef { $exec['Port'].each |$p| { -%> Port=<%= $p.join(':') %> <%- } -%> <%- } -%>