matrix-docker-ansible-deploy/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2

#jinja2: lstrip_blocks: "True"
[Unit]
Description=Synapse server
{% for service in matrix_synapse_systemd_required_services_list %}
Requires={{ service }}
After={{ service }}
{% endfor %}
{% for service in matrix_synapse_systemd_wanted_services_list %}
Wants={{ service }}
{% endfor %}

[Service]
Type=simple
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-synapse
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-synapse
{% if matrix_s3_media_store_enabled %}
# Allow for some time before starting, so that media store can mount.
# Mounting can happen later too, but if we start writing,
# we'd write files to the local filesystem and fusermount will complain.
ExecStartPre={{ matrix_host_command_sleep }} 3
{% endif %}

ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \
			--log-driver=none \
			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
			--cap-drop=ALL \
			--entrypoint=python \
			--read-only \
			--tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_synapse_tmp_directory_size_mb }}m \
			--network={{ matrix_docker_network }} \
			-e SYNAPSE_CACHE_FACTOR={{ matrix_synapse_cache_factor }} \
			{% if matrix_synapse_container_client_api_host_bind_port %}
			-p {{ matrix_synapse_container_client_api_host_bind_port }}:8008 \
			{% endif %}
			{% if matrix_synapse_federation_enabled and matrix_synapse_tls_federation_listener_enabled and matrix_synapse_container_federation_api_tls_host_bind_port %}
			-p {{ matrix_synapse_container_federation_api_tls_host_bind_port }}:8448 \
			{% endif %}
			{% if matrix_synapse_federation_enabled and matrix_synapse_container_federation_api_plain_host_bind_port %}
			-p {{ matrix_synapse_container_federation_api_plain_host_bind_port }}:8048 \
			{% endif %}
			{% if matrix_synapse_metrics_enabled and matrix_synapse_container_metrics_api_host_bind_port %}
			-p {{ matrix_synapse_container_metrics_api_host_bind_port }}:{{ matrix_synapse_metrics_port }} \
			{% endif %}
			{% if matrix_synapse_manhole_enabled and matrix_synapse_container_manhole_api_host_bind_port %}
			-p {{ matrix_synapse_container_manhole_api_host_bind_port }}:9000 \
			{% endif %}
			-v {{ matrix_synapse_config_dir_path }}:/data:ro \
			-v {{ matrix_synapse_storage_path }}:/matrix-media-store-parent:slave \
			{% for volume in matrix_synapse_container_additional_volumes %}
			-v {{ volume.src }}:{{ volume.dst }}:{{ volume.options }} \
			{% endfor %}
			{% for arg in matrix_synapse_container_extra_arguments %}
			{{ arg }} \
			{% endfor %}
			{{ matrix_synapse_docker_image }} \
			-m synapse.app.homeserver -c /data/homeserver.yaml

ExecStop=-{{ matrix_host_command_docker }} kill matrix-synapse
ExecStop=-{{ matrix_host_command_docker }} rm matrix-synapse
ExecReload={{ matrix_host_command_docker }} exec matrix-synapse kill -HUP 1
Restart=always
RestartSec=30
SyslogIdentifier=matrix-synapse

[Install]
WantedBy=multi-user.target