Services in systemd can be set to wait on the availability of any specific mount point in the local filesystem. This is very useful for NFS mounts as those require the network to be up and running, which can take a while.
This feature is controlled through the RequiresMountsFor option in the unit file of the service.
For instance, I use RequiresMountsFor in the fail2ban
service that is running alongside the reverse proxy of a NextCloud
instance. Hence, I can give access to fail2ban to the logs from the remote
NextCloud and block connections in the reverse proxy not only based on its own
activity, but also based on the activity in NextCloud itself.
The following steps show how to modify the existing service for fail2ban to wait for the folder with remote log files that is mounted with NFS:
-
Edit the unit file
$ sudo systemctl edit fail2ban.service -
Set
RequiresMountsForin the Unit section to the absolute path needed by the service[Unit] RequiresMountsFor=/var/log/nextcloud{: file=“/etc/systemd/system/fail2ban.service.d/override.conf” }
systemd will mount all mounts needed to access the path in
RequiresMountsFor, even those withnoauto. {: .prompt-warning }