
Finally getting full circle. dotfiles generating systemd user services, such as setting up Codium as a remote server, using my #systemd universal manager extension to manage them, etc.
https://github.com/gbraad-vscode/systemd-universal-manager
Will soon add some stuff, as I need to handle mounts and containers (quadlets).
Manage Linux Systemd Services Easily With Systemd-manager-tui #systemd #rust #systemctl #journalctl #linux #tui #opensource
https://ostechnix.com/manage-linux-systemd-services-with-systemd-manager-tui/
Have added a way to run background processes from application definitions using #systemd
apps tailproxy install
apps tailproxy service status
apps tailproxy up
apps tailproxy status online
As described in:
https://github.com/gbraad-dotfiles/applications/blob/main/tailproxy.md
This allows me to easily spin up a user-space #tailscale daemon.
The systemd project was and is a *huge* leap forward for Linux. I can't imagine doing sysops without it.
https://blog.tjll.net/the-systemd-revolution-has-been-a-success/
Update: suspected "AI" usage for the images in the post, in case you want to avoid this.
Hm, am I being dumb? Why does systemctl start rubot.timer also automatically run rubot.service?! #systemd
@matthartley do you have plans to document your findings and solution as a systemd issue? So they could look into integrating the fixes in the "right places"?
#systemd PrivateUsers=self seems like a... big footgun.
"what if file ACLs and capability restrictions just... vanished? and you made the target user root in their own namespace again?"
vs "put the user in their own namespace, still not root, still not with capabilities, and now they really, really can't read things that aren't their UID/GID"
systemd-lsp is designed to simplify the editing of #systemd Unit files by providing validation, autocompletion, and formatting features commonly available for modern languages and file formats.
Hey #systemdultras - I have a whole bunch (smth like 250 or more) of services that are similar. I want them to run once a week/month, but they need to be:
1. Resource restricted (CPU time, memory)
2. Should not all run at the same time
3. Some of them may run for hours, some may be finished within seconds - I don't know beforehand
What do I do?
I think I can put them into a slice, add some resource control on that slice. But what about the "don't run them all at the same time"? Do I simply add jitter via the timer configuration? Or is there another setting that I can use, maybe on the slice, for something like "don't run more than 10 services at once in that slice"?
Bonus question: technically, they could be restricted differently depending on the time they run at. For example, all services can use 6G of ram if they run between 02:00 and 06:00, but should not exceed 2G if they run at other times. Possible? I think not, but well, better ask, right?
the #wayland vs X drama is like living the whole #systemd shenanigans again.
#opensource has changed a lot over the years, in so many ways. yet in others, it never did, and never does.
ooo, systemd does TPM credential encryption and brokering for services, so you don't have to.
Too bad, I had hoped that systemd-creds could also be used in rootless #podman units (instead of base64-encoded secrets, gpg or home-made shell commands), but unfortunately decrypting secrets does not yet work for user units in the current #systemd v257.
The patch is already merged, so now it's a matter of waiting.
https://github.com/systemd/systemd/pull/35536
I just found that polkit on my new NAS apparently uses 60% of RAM.
Why? I don't know. I then restricted the relevant systemd unit to 1 GB RAM and when I deployed that change, polkit RAM usage went back to 3.7MB.