===== Systemctl =====

==== Commands ====

  systemctl disable service                                    #Disable service from autostart e.g. "systemctl disable dhcpcd.service"
  systemctl mask service                                       #User can´t start service anymore (until "enable")
  systemctl enable service                                     #Enable service for autostart
  systemctl cat service                                        #Show info about service
  systemctl is-enabled  apache2; echo $?                       #Show status autostart
  /etc/systemd/system/                                         #Path for init/ start scripts
  systemctl --type=service                                     #Overview running services
  systemctl list-unit-files                                    #Overview running services simple
  systemctl list-units                                         #Overview running services detailed
  systemctl list-units --state=failed
  systemctl list-dependencies lwsmd.service                    #Show dependencies
  systemctl daemon-reload                                      #Run after changing config file (e. g. "/lib/systemd/system/squid.service")
  systemd-analyze                                              #Profile systemd, show unit dependencies, check unit files.
  systemd-analyze blame                                        #Print list of running units ordered by time to init
  systemd-analyze plot > file.svg                              #Output SVG graphic showing service initialization - open e. g. with browser
  systemctl show -p WantedBy network-online.target
  systemctl isolate target.target                              #switch runlevel - e. g. multi-user.target to graphical.target
  journalctl
  journalctl -xe
  journalctl -u sshd -f                                        # "-f" -> follow such as "tail -f file"
  journalctl -u kubelet.service
  systemctl list-units --state=failed
  sudo journalctl -xeu kubelet -o verbose
  journalctl -fxeu kubelet.service
  sudo journalctl -f -u kubelet.service
  journalctl -F _SYSTEMD_UNIT                                  #Show all systemd units that have been started in your journal
  systemctl status systemd-journald
  systemctl restart systemd-journald
  journalctl --since=2018-10-15 --until="2018-10-16 23:59:59"
  journalctl --list-boot
  /run/log/journal/<sysid>/                                    #logfiles journald (default not reboot persitant)
  journalctl --file=/run/log/journal/<sysid>/<filename>        #Output journald log (if not show by "journalctl" (rotated)
  journalctl --disk-usage                                      #check the amount of space that the journal is currently occupying on your disk
  /etc/systemd/journald.conf
  systemd-delta                                                #show delta between "/etc/systemd/system" (folder which should contain personalized targets) and "/usr/lib/systemd/system/"
  systemctl list-units --type=mount
  systemctl stop ufw.service
  
==== Set Runlevel ====

To set runlevel to commandline, run:

  systemctl get-default
  systemctl set-default                                        #Tab Tab shows all options
  systemctl set-default multi-user.target
  
Manually:

  ln -sf /usr/lib/systemd/system/multi-user.target /etc/systemd/system/default.target 

==== Service Units ====

Service units are located on SLES12 in:

  /usr/lib/systemd/system/
  
Debian/ Ubuntu:

  /lib/systemd/system
  
and customization targets into

  /etc/systemd/system/
  
and run

  systemctl daemon-reload
  
to update it.
  
**Warning: Always do systemd customization in "/etc/systemd/system/", never in "/usr/lib/systemd/system/". Otherwise your changes will be overwritten by the next update of systemd!**
  
Service units are located on Raspian in:

  /lib/systemd/system

Example unit "Squid Proxy":

<code>
[Unit]
# Description
Description=Squid Proxy
After=network.target network-online.target nss-lookup.target

[Service]
#Type=simple  (without forking)
#Type=oneshot (executing just once)
#Type=forking  (forking services like e. g. webserver)
Type=forking
User=nobody
Group=root

#Environment="JAVA_HOME=/usr/lib/jvm/default-java"
#EnvironmentFile="path/to/file"

ExecStart=/usr/local/squid/sbin/squid -f /usr/local/squid/etc/squid.conf -d1
#ExecStart=/usr/local/squid/sbin/squid
ExecStop=/usr/local/squid/sbin/squid -k shutdown

[Install]
# Target
WantedBy=multi-user.target
</code>

Example Gitea:

<code>
[Unit]
Description=Gitea (Git with a cup of tea)
After=syslog.target
After=network.target
After=postgresql.service

[Service]
RestartSec=2s
Type=simple
User=git
Group=git
WorkingDirectory=/home/git/go/src/code.gitea.io/gitea
ExecStart=/home/git/go/src/code.gitea.io/gitea/gitea web
Restart=always
Environment=USER=git HOME=/home/git

[Install]
WantedBy=multi-user.target
</code>

Iptables:

<code>
[Unit]
Description=iptables 
DefaultDependencies=no
Wants=network-pre.target systemd-modules-load.service local-fs.target
Before=network-pre.target shutdown.target
After=systemd-modules-load.service local-fs.target
Conflicts=shutdown.target

[Service]
Type=oneshot
RemainAfterExit=yes
#ExecStartPre=
ExecStart=/bin/sh -c "/sbin/iptables-restore < /etc/iptables"
ExecStartPost=/usr/bin/echo -e "\033[0;33m Start routing! \033[0m"
ExecStartPost=/bin/sh -c "/usr/bin/echo "1" > /proc/sys/net/ipv4/ip_forward"

ExecStop=/usr/bin/echo -e "\033[0;33m Stop routing! \033[0m"
ExecStop=/bin/sh -c "/usr/bin/echo "0" > /proc/sys/net/ipv4/ip_forward"
ExecStop=/bin/sh -c "/sbin/iptables -F && /sbin/iptables -X && /sbin/iptables -t nat -F && /sbin/iptables -t nat -X && /sbin/iptables -t mangle -F && /sbin/iptables -t mangle -X && /sbin/iptables -P INPUT ACCEPT && /sbin/iptables -P FORWARD ACCEPT && /sbin/iptables -P OUTPUT ACCEPT"
ExecStop=/usr/bin/echo -e "\033[0;33m iptables deleted! \033[0m"

[Install]
WantedBy=multi-user.target
#WantedBy=network-online.target
</code>

powertop:

<code>
cat << EOF | sudo tee /etc/systemd/system/powertop.service
[Unit]
Description=PowerTOP auto tune

[Service]
Type=idle
Environment="TERM=dumb"
ExecStart=/usr/sbin/powertop --auto-tune

[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload
systemctl enable powertop.service
</code>

docker-compose:

<code>
# /etc/systemd/system/docker-compose-app.service

[Unit]
Description=Docker Compose Application Service
Requires=docker.service
After=docker.service

[Service]
Type=oneshot
RemainAfterExit=yes
WorkingDirectory=/srv/docker
ExecStart=/usr/local/bin/docker-compose up -d
ExecStop=/usr/local/bin/docker-compose down
TimeoutStartSec=0

[Install]
WantedBy=multi-user.target
</code>

<code>
[Unit]
Description=Things devices
After=network.target

[Mount]
What=172.16.24.192:/mnt/things
Where=/mnt/things
Type=nfs
Options=_netdev,auto

[Install]
WantedBy=multi-user.target
</code>

Check if a mount (e. g. /var/lib/docker/volumes) is established before service starts (dependant):

  systemctl list-units | grep '/var/lib/docker/volumes' | awk '{ print $1 }'
  
Add

<code> 
[Unit]
Description=Some Service
After=network.target lvm2-monitor.service SuSEfirewall2.service var-lib-docker-volumes.mount
Requires=var-lib-docker-volumes.mount
Before=some_other_unit.service  

.
.
.
</code>
 
to service unit!

====systemd targets====

  multi-user.target                  #multiuser + network
  graphical.target                   #multiuser + network + desktop
  rescue.target                      #singleuser (runlevel 1)
  emergency.target                   #emergency initrd shell
  reboot.target                      #unit will be executed only on system-reboot
  poweroff.target                    #unit will be executed only on shutdown