matrix-docker-ansible-deploy/roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2

#jinja2: lstrip_blocks: "True"
[Unit]
Description=Matrix Goofys media store
After=docker.service
Requires=docker.service

[Service]
Type=simple
ExecStartPre=-{{ matrix_host_command_docker }} kill %n
ExecStartPre=-{{ matrix_host_command_docker }} rm %n

ExecStart={{ matrix_host_command_docker }} run --rm --name %n \
			--log-driver=none \
			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
			-v /etc/passwd:/etc/passwd:ro \
			-v /etc/group:/etc/group:ro \
			--security-opt apparmor:unconfined \
			--cap-add mknod \
			--cap-add sys_admin \
			--device=/dev/fuse \
			-v {{ matrix_synapse_media_store_path }}:/s3:shared \
			--env-file={{ matrix_synapse_config_dir_path }}/env-goofys \
			--entrypoint /bin/sh \
			{{ matrix_s3_goofys_docker_image }} \
			-c 'goofys -f{% if not matrix_s3_media_store_custom_endpoint_enabled %} --storage-class=STANDARD_IA{% endif %}{% if matrix_s3_media_store_custom_endpoint_enabled %} --endpoint={{ matrix_s3_media_store_custom_endpoint }}{% endif %} --region {{ matrix_s3_media_store_region }} --stat-cache-ttl 60m0s --type-cache-ttl 60m0s --dir-mode 0700 --file-mode 0700 {{ matrix_s3_media_store_bucket_name }} /s3'

TimeoutStartSec=5min
ExecStop=-{{ matrix_host_command_docker }} stop %n
ExecStop=-{{ matrix_host_command_docker }} kill %n
ExecStop=-{{ matrix_host_command_docker }} rm %n
ExecStop=-{{ matrix_host_command_fusermount }} -u {{ matrix_synapse_media_store_path }}
Restart=always
RestartSec=5
SyslogIdentifier=matrix-goofys

[Install]
WantedBy=multi-user.target