11[Unit]
22Description=Gotrue
33
4+ # Avoid starting gotrue while cloud-init is running. It makes a lot of changes
5+ # and I would like to rule out side effects of it running concurrently along
6+ # side services.
7+ After=cloud-init.service
8+ Wants=cloud-init.target
9+
10+ # Given the fact that auth uses SO_REUSEADDR, I want to rule out capabilities
11+ # being modified between restarts early in boot. This plugs up the scenario that
12+ # EADDRINUSE errors originate from a previous gotrue process starting without
13+ # the SO_REUSEADDR flag (due to lacking capability at that point in boot proc)
14+ # so when the next gotrue starts it can't re-use a slow releasing socket.
15+ After=apparmor.service
16+
17+ # We want sysctl's to be applied
18+ After=systemd-sysctl.service
19+
20+ # UFW Is modified by cloud init, but started non-blocking, so configuration
21+ # could be in-flight while gotrue is starting. I want to ensure future rules
22+ # that are relied on for security posture are applied before gotrue runs.
23+ After=ufw.service
24+
25+ # We need networking & resolution, auth uses the Go DNS resolver (not libc)
26+ # so it's possible `localhost` resolution could be unstable early in startup. We
27+ # care about this because SO_REUSEADDR eligibility checks the tuple
28+ # (proto, family, addr, port) meaning the AF_INET (ipv4, ipv6) could affect the
29+ # binding resulting in a second way for EADDRINUSE errors to surface.
30+ #
31+ # Note: We should consider removing localhost usage given `localhost` resolution
32+ # can often be racey early in boot, can be difficult to debug and offers no real
33+ # advantage in our infra. At the very least avoiding DNS resolved binding would
34+ # be a good idea.
35+ Wants=network-online.target systemd-resolved.service
36+ After=network-online.target systemd-resolved.service
37+
38+ # Auth server can't start unless postgres is online, lets remove a lot of auth
39+ # server noise during slow starts by requiring it.
40+ Wants=postgresql.service
41+ After=postgresql.service
42+
43+ # Lower start limit ival and burst to prevent the noisy flapping
44+ StartLimitIntervalSec=10
45+ StartLimitBurst=5
46+
447[Service]
5- Type=simple
48+ Type=exec
649WorkingDirectory=/opt/gotrue
7- {% if qemu_mode is defined and qemu_mode %}
8- ExecStart=/opt/gotrue/gotrue
9- {% else %}
50+
51+ # Both v2 & v3 need a config-dir for reloading support.
1052ExecStart=/opt/gotrue/gotrue --config-dir /etc/auth.d
11- {% endif %}
53+ ExecReload=/bin/kill -10 $MAINPID
1254
1355User=gotrue
1456Restart=always
@@ -17,11 +59,36 @@ RestartSec=3
1759MemoryAccounting=true
1860MemoryMax=50%
1961
62+ # These are the historical location of env files. The /etc/auth.d dir will
63+ # override them when present.
2064EnvironmentFile=-/etc/gotrue.generated.env
2165EnvironmentFile=/etc/gotrue.env
2266EnvironmentFile=-/etc/gotrue.overrides.env
2367
68+ # Both v2 & v3 support reloading via signals, on linux this is SIGUSR1.
69+ Environment=GOTRUE_RELOADING_SIGNAL_ENABLED=true
70+ Environment=GOTRUE_RELOADING_SIGNAL_NUMBER=10
71+
72+ # Both v2 & v3 disable the poller. While gotrue sets it to off by default we
73+ # defensively set it to false here.
74+ Environment=GOTRUE_RELOADING_POLLER_ENABLED=false
75+
76+ # Determines how much idle time must pass before triggering a reload. This
77+ # ensures only 1 reload operation occurs during a burst of config updates.
78+ Environment=GOTRUE_RELOADING_GRACE_PERIOD_INTERVAL=2s
79+
80+ {% if qemu_mode is defined and qemu_mode %}
81+ # v3 does not use filesystem notifications for config reloads.
82+ Environment=GOTRUE_RELOADING_NOTIFY_ENABLED=false
83+ {% else %}
84+ # v2 currently relies on notify support, so we will enable it until both v2 / v3
85+ # have migrated to strictly use signals across all projects. The default is true
86+ # in gotrue but we will set it defensively here.
87+ Environment=GOTRUE_RELOADING_NOTIFY_ENABLED=true
88+ {% endif %}
89+
2490Slice=services.slice
2591
2692[Install]
2793WantedBy=multi-user.target
94+
0 commit comments