Add systemd example

README.md

@@ -34,6 +34,8 @@ If a variable takes a list, the values are space separated when using command li
 
 Create a systemd unit and timer, a cron job or any other similar mechanism to run the program every X minutes.
 
+You can find an example `caco-mela.unit` and `caco-mela.timer`.
+
 ## Tests
 
 To avoid changing your local authorized_keys, run everything inside a container:
@@ -42,5 +44,3 @@ To avoid changing your local authorized_keys, run everything inside a container:
 cd tests
 docker-compose up
 ```
-
-If you add more tests, any variable you set in test.env must be set in all the tests, otherwise they will interfere with each other.

caco-mela.timer

@@ -0,0 +1,10 @@
+[Unit]
+Description=Sync SSH keys every 15-16 minutes
+
+[Timer]
+OnBootSec=2min
+OnUnitActiveSec=15min
+RandomizedDelaySec=60
+
+[Install]
+WantedBy=timers.target

caco-mela.unit

@@ -0,0 +1,21 @@
+[Unit]
+Description=Sync SSH keys
+After=network.target
+
+[Service]
+Type=oneshot
+ExecStart=/path/to/caco-mela/venv/python /path/to/caco-mela/caco-mela.py
+StandardOutput=journal
+StandardError=journal
+Environment="LDAP_BIND_SERVER=ldap://localhost:3389"
+Environment="LDAP_BIND_DN=cn=Directory Manager"
+Environment="LDAP_BIND_PASSWORD=asd"
+Environment="LDAP_SEARCH_BASE=ou=people,dc=example,dc=test"
+Environment="LDAP_FILTER=(memberOf=cn=sysadmin,ou=groups,dc=example,dc=test)"
+Environment="SSH_AUTHORIZED_KEYS_FILES=/etc/ssh/authorized-keys/%u"
+Environment="SSH_USER_OWNS_FILE=1"
+Environment="IGNORED_ACCOUNTS=foo,bar,baz"
+Environment="SHARED_ACCOUNTS=quux"
+
+[Install]
+WantedBy=multi-user.target