diff --git a/docs/systemd.md b/docs/systemd.md new file mode 100644 index 00000000..f9f92dff --- /dev/null +++ b/docs/systemd.md @@ -0,0 +1,78 @@ +## Start a local Satosa-saml2spid istance with a SystemD Service + +In this example is provided with this assumption: +* Satosa-saml2spid is installed in `/opt/satosa` +* Satosa-saml2spid is executed from a Python VirtualENV sited in `/opt/satosa/env` +* Satosa-saml2spid is executed from `satosa` user + +Create a new SystemD service with the command: +``` +sudo systemctl edit --force --full satosa.service +``` + +copy and personalize this service example: +``` +Description=UWSGI server for Satosa Proxy + +## Socket +# After=syslog.target +# Requires=satosa.sock +## Network +Requires=network.target +After=network.target + +[Service] +# Foreground process +Type=simple + +# Preferably configure a non-privileged user +User=satosa +Group=satosa +WorkingDirectory=/opt/satosa +ExecStart=/bin/bash -c 'cd /opt/satosa && source env/bin/activate && uwsgi --ini ./uwsgi_setup/uwsgi.ini --thunder-lock' +Restart=always +KillSignal=SIGQUIT + +## socket +# [Install] +# WantedBy=sockets.target +``` +Enable the service: +``` +sudo systemctl enable satosa.service +``` + +### Satosa with socket +If you want enable Satosa-saml2spid by socket you should edit the service: +``` +sudo systemctl edit --full satosa.service +``` +uncomment follow line: +* `After=syslog.target` +* `Requires=satosa.sock` +* `[Install]` +* `WantedBy=sockets.target` + +create the socket target: +``` +sudo systemctl edit --full --force satosa.sockets +``` + +Copy and personalize this socket example: +``` +[Unit] +Description=Socket for satosa + +[Socket] +# Change this to your uwsgi application port or unix socket location +ListenStream=/opt/satosa//tmp/sockets/satosa.sock +SocketMode=0770 + +[Install] +WantedBy=sockets.target +``` + +enable il socket: +``` +sudo systectl enable satosa.socket +``` diff --git a/example/uwsgi_setup/SystemD/README.md b/example/uwsgi_setup/SystemD/README.md deleted file mode 100644 index 6fb9f6f7..00000000 --- a/example/uwsgi_setup/SystemD/README.md +++ /dev/null @@ -1,22 +0,0 @@ -### Avvio satosa tramite systemd - -I seguenti script sono esempi per avviare il proy satosa tramite SystemD. Negli esempi vengono considerati i seguenti presupposti: -* Satosa è installano nella directory `/home/satosa/production/current` -* Satosa viene eseguito in un VirtualENV di Python -* Il VitualENV di python è installato su `/home/satosa/production/current/satosa.env` -* Il Satosa proxy viene eseguito da l'utente satosa -* Il Satosa proxy è configurato per offrire servizi tramite socket -* Il socket Satosa è posizioneto su `ListenStream=/home/satosa/production/current/tmp/sockets/satosa.sock` - -Per configurare SystemD seguire la seguente procedura: - -* copiare i file `satosa.service` e `satosa.sock` nella directory /etc/systemd/systemd -* far rilegere i file di configurazione a SistemD con il comando `sudo systemctl daemon-reload` -* abilitare socket `sudo systemctl enable satosa.socket` -* abilitare il service `sudo systemct enable satosa.service` - -Nel caso Satosa proxy lavori tramite rete (es: 127.0.0.1:8003) -* disabilitare il socket `systemctl disable satosa.socket` -* commentare nel file `satosa.service` la riga `Requires=satosa.sock` -* decommentare nel file `satosa.service` la riga `Requires=network.target` -* decommentare nel file `satosa.service` la riga `After=network.target` diff --git a/example/uwsgi_setup/SystemD/satosa.service b/example/uwsgi_setup/SystemD/satosa.service deleted file mode 100644 index 6bfc568a..00000000 --- a/example/uwsgi_setup/SystemD/satosa.service +++ /dev/null @@ -1,24 +0,0 @@ -Description=UWSGI server for Satosa Proxy -## Socket -After=syslog.target -Requires=satosa.sock -## Network -# Requires=network.target -# After=network.target - - -[Service] -# Foreground process -Type=simple - -# Preferably configure a non-privileged user -User=satosa -Group=satosa -WorkingDirectory=/home/satosa/production/current -ExecStart=/bin/bash -c 'cd /home/satosa/production/current && source satosa.env/bin/activate && uwsgi --ini ./uwsgi_setup/uwsgi.ini --thunder-lock' -Restart=always -KillSignal=SIGQUIT - -[Install] -WantedBy=sockets.target - diff --git a/example/uwsgi_setup/SystemD/satosa.socket b/example/uwsgi_setup/SystemD/satosa.socket deleted file mode 100644 index c295b91c..00000000 --- a/example/uwsgi_setup/SystemD/satosa.socket +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=Socket for satosa - -[Socket] -# Change this to your uwsgi application port or unix socket location -ListenStream=/home/satosa/production/current/tmp/sockets/satosa.sock -SocketMode=0770 - -[Install] -WantedBy=sockets.target