Creating systemd services

A service-file must be created, defining how the service should be started. The default directory for systemd services is "/etc/systemd/system"; services have the ".service" file name extension.

The CLI can be used to generate a systemd .service file:

su - airlock
iam systemd -c /home/airlock/iam -i auth

# "ctrl-d" to switch back to the root user

cp '/home/airlock/iam/instances/auth/airlock-iam-auth.service' '/etc/systemd/system/airlock-iam-auth.service'
chown root:root '/etc/systemd/system/airlock-iam-auth.service' && chmod 644 '/etc/systemd/system/airlock-iam-auth.service'
systemctl enable -f airlock-iam-auth

systemctl start airlock-iam-auth
systemctl status airlock-iam-auth

Here are some basic systemd commands you should familiarize yourself with:

# Get an overview of all Airlock IAM services on the system
systemctl list-units 'airlock-iam*'
systemctl status 'airlock-iam*'

# Stop and start the Airlock IAM service again
systemctl restart airlock-iam-auth

# View the latest standard output (stdout and stderr) messages logged by the Airlock IAM service
journalctl -u airlock-iam-auth -e

If your config root directory (default: /home/airlock/iam) is on the root filesystem partition (/), you may enable the service file in-place, without copying:

systemctl enable '/home/airlock/iam/instances/auth/airlock-iam-auth.service'

Note that if the config root directory is not on the root filesystem partition, the symbolic links created by systemctl will break after a system reboot. To fix that, run the following commands to switch back to the copy-method shown above:

systemctl disable /home/airlock/iam/instances/auth/airlock-iam-auth.service
cp /home/airlock/iam/airlock-iam-auth.service /etc/systemd/system/
systemctl enable -f airlock-iam-auth