mirror of
https://github.com/phfroidmont/self-hosting.git
synced 2025-12-25 21:57:00 +01:00
38 lines
1.4 KiB
Text
38 lines
1.4 KiB
Text
|
[Unit]
|
||
|
|
Description=Docker Application Container Engine
|
||
|
|
Documentation=https://docs.docker.com
|
||
|
|
After=network-online.target docker.socket firewalld.service
|
||
|
|
Wants=network-online.target
|
||
|
|
Requires=docker.socket
|
||
|
|
|
||
|
|
[Service]
|
||
|
|
Type=notify
|
||
|
|
# the default is not to use systemd for cgroups because the delegate issues still
|
||
|
|
# exists and systemd currently does not support the cgroup feature set required
|
||
|
|
# for containers run by docker
|
||
|
|
ExecStart=/usr/bin/dockerd --config-file {{ docker_daemon_config }} -H fd://
|
||
|
|
ExecReload=/bin/kill -s HUP $MAINPID
|
||
|
|
LimitNOFILE=1048576
|
||
|
|
# Having non-zero Limit*s causes performance problems due to accounting overhead
|
||
|
|
# in the kernel. We recommend using cgroups to do container-local accounting.
|
||
|
|
LimitNPROC=infinity
|
||
|
|
LimitCORE=infinity
|
||
|
|
# Uncomment TasksMax if your systemd version supports it.
|
||
|
|
# Only systemd 226 and above support this version.
|
||
|
|
TasksMax=infinity
|
||
|
|
TimeoutStartSec=0
|
||
|
|
# set delegate yes so that systemd does not reset the cgroups of docker containers
|
||
|
|
Delegate=yes
|
||
|
|
# kill only the docker process, not all processes in the cgroup
|
||
|
|
KillMode=process
|
||
|
|
# restart the docker process if it exits prematurely
|
||
|
|
Restart=on-failure
|
||
|
|
StartLimitBurst=3
|
||
|
|
StartLimitInterval=60s
|
||
|
|
Environment="NO_PROXY=https://cp-par1.scaleway.com,https://cp-ams1.scaleway.com,https://account.scaleway.com,http://169.254.42.42,192.168.66.0/24"
|
||
|
|
Environment="DOCKER_OPTS=--iptables=false --ip-masq=false"
|
||
|
|
|
||
|
|
[Install]
|
||
|
|
WantedBy=multi-user.target
|
||
|
|
|