systemd-lsp 0.1.4

Language Server Protocol implementation for systemd unit files
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299

# [Socket] Section

The `[Socket]` section encodes information about an IPC or network socket or FIFO controlled and supervised by systemd, for socket-based activation. Socket units are used to implement on-demand starting of services and socket-based activation.

*Based on [systemd.socket(5)](https://www.freedesktop.org/software/systemd/man/systemd.socket.html) official documentation.*

## Socket Types

### ListenStream=
Specifies an address for a stream socket (TCP). Takes an address specification in the format described below.

### ListenDatagram=
Specifies an address for a datagram socket (UDP). Takes an address specification.

### ListenSequentialPacket=
Specifies an address for a sequential packet socket. Takes an address specification.

### ListenFIFO=
Specifies a file system FIFO (named pipe) to listen on. Takes an absolute file system path as argument.

### ListenSpecial=
Specifies a special file in the file system to listen on. Takes an absolute file system path as argument.

### ListenNetlink=
Specifies a Netlink family to create a socket for to listen on. Takes a Netlink family name as argument.

### ListenMessageQueue=
Specifies a POSIX message queue to listen on. Takes a message queue name as argument.

### ListenUSBFunction=
Specifies a USB FunctionFS to listen on. Takes a path to the FunctionFS mount point as argument.

## Address Specifications

### Network Addresses
- `*:80` - Listen on all interfaces, port 80
- `127.0.0.1:8080` - Listen on localhost, port 8080
- `[::]:443` - Listen on all IPv6 interfaces, port 443
- `192.168.1.100:22` - Listen on specific IP, port 22

### Unix Domain Sockets
- `/run/my-service.sock` - Unix domain socket
- `@abstract-socket` - Abstract Unix domain socket

### Named Ports
- `http` - Port 80 (HTTP)
- `https` - Port 443 (HTTPS)
- `ssh` - Port 22 (SSH)
- `ftp` - Port 21 (FTP)

## Socket Options

### SocketMode=
If listening on a file system socket or FIFO, this option specifies the file system access mode used when creating the file node. Takes a numeric mode value.

### SocketUser=, SocketGroup=
If listening on a file system socket or FIFO, the user and group to make the socket accessible to. Takes a user/group name or numeric ID.

### Service=
Specifies the service unit name to activate when this socket receives a connection. Defaults to the service unit with the same name as the socket unit.

### Accept=
Takes a boolean argument. If yes, a service instance is spawned for each incoming connection and only the connection socket is passed to it. If no (default), all listening sockets themselves are passed to the started service unit.

### MaxConnections=
The maximum number of connections to accept simultaneously. Takes a positive integer argument. Defaults to 64.

### MaxConnectionsPerSource=
The maximum number of connections for a service per source IP address. Takes a positive integer argument.

### KeepAlive=
Takes a boolean argument. If true, the TCP/IP stack will send a keep alive message after 2 hours of inactivity. This controls the SO_KEEPALIVE socket option.

### KeepAliveTimeSec=
Configures how long to wait before starting to send TCP keep-alive probes.

### KeepAliveIntervalSec=
Configures the interval between individual TCP keep-alive probes.

### KeepAliveProbes=
Configures how many TCP keep-alive probes to send before giving up and killing the connection.

### DeferAccept=
Takes a boolean or time span argument. If true, the TCP_DEFER_ACCEPT socket option is enabled. If set to a time span, TCP_DEFER_ACCEPT is set to the specified time in seconds.

### NoDelay=
Takes a boolean argument. If true, the TCP_NODELAY option is set. This disables Nagle's algorithm.

### Priority=
Takes an integer argument and configures the priority for all traffic sent from this socket.

### ReceiveBuffer=, SendBuffer=
Configures the receive/send buffer size in bytes. Takes an integer value.

### IPTOS=
Takes an integer value and configures the IP_TOS socket option.

### IPTTL=
Takes an integer value and configures the IP_TTL socket option.

### Mark=
Takes an integer value and configures the SO_MARK socket option.

### ReusePort=
Takes a boolean value and configures the SO_REUSEPORT socket option.

### SmackLabel=, SmackLabelIPIn=, SmackLabelIPOut=
Configures SMAC labels. Takes a string value.

### SELinuxContextFromNet=
Takes a boolean argument. If true, systemd will attempt to figure out the SELinux label for the instantiated service from the information provided by the peer over the network.

### PipeSize=
Takes a size in bytes and configures the pipe buffer size for FIFOs.

### MessageQueueMaxMessages=, MessageQueueMessageSize=
Configures the maximum number of messages and message size for POSIX message queues.

### FreeBind=
Takes a boolean argument. If true, the IP_FREEBIND socket option is enabled.

### Transparent=
Takes a boolean argument. If true, the IP_TRANSPARENT socket option is enabled.

### Broadcast=
Takes a boolean argument and controls the SO_BROADCAST socket option.

### PassCredentials=
Takes a boolean argument and controls the SO_PASSCRED socket option.

### PassSecurity=
Takes a boolean argument and controls the SO_PASSSEC socket option.

### TCPCongestion=
Takes a string value and controls the TCP congestion algorithm used by the socket.

### ExecStartPre=, ExecStartPost=, ExecStopPre=, ExecStopPost=
Commands to execute before/after starting/stopping the socket.

### TimeoutSec=
Configures the time to wait for the commands specified in ExecStartPre=, ExecStartPost=, ExecStopPre= and ExecStopPost= to finish.

### FileDescriptorName=
Assigns a name to all file descriptors this socket unit encapsulates.

### TriggerLimitIntervalSec=, TriggerLimitBurst=
Configures a limit on how often this socket unit may be activated within a specific time interval.

### Symlinks=
Takes a list of file system paths. The specified paths will be created as symlinks to the AF_UNIX socket path or FIFO path of this socket unit.

### DirectoryMode=
If listening on a file system socket or FIFO, the parent directories are created if needed. This option specifies the file system access mode used when creating these directories.

## Examples

### HTTP Server Socket
```ini
[Socket]
ListenStream=80
Service=web-server.service

[Install]
WantedBy=sockets.target
```

### SSH-like Service
```ini
[Socket]
ListenStream=2222
Accept=yes
MaxConnections=20
Service=my-ssh.service

[Install]
WantedBy=sockets.target
```

### Unix Domain Socket
```ini
[Socket]
ListenStream=/run/my-service.sock
SocketMode=0660
SocketUser=my-service
SocketGroup=my-service
Service=my-service.service

[Install]
WantedBy=sockets.target
```

### UDP Service
```ini
[Socket]
ListenDatagram=*:1234
Service=udp-handler.service

[Install]
WantedBy=sockets.target
```

### Multiple Addresses
```ini
[Socket]
ListenStream=80
ListenStream=443
ListenStream=/run/web.sock
KeepAlive=true
NoDelay=true
Service=web-server.service

[Install]
WantedBy=sockets.target
```

### High-Performance Socket
```ini
[Socket]
ListenStream=*:8080
Accept=no
MaxConnections=1000
ReceiveBuffer=2M
SendBuffer=2M
NoDelay=true
ReusePort=true
Service=high-perf.service

[Install]
WantedBy=sockets.target
```

## Common Patterns

### Web Server
For HTTP/HTTPS services:
```ini
[Socket]
ListenStream=80
ListenStream=443
NoDelay=true
KeepAlive=true
```

### Database Services
For database-like services:
```ini
[Socket]
ListenStream=5432
Accept=no
MaxConnections=100
KeepAlive=true
```

### Secure Services
For services requiring access control:
```ini
[Socket]
ListenStream=/run/secure.sock
SocketMode=0600
SocketUser=daemon
SocketGroup=daemon
```

## Management Commands

### List Socket Units
```bash
systemctl list-units --type=socket
```

### Show Socket Status
```bash
systemctl status my-service.socket
```

### Start Socket
```bash
systemctl start my-service.socket
```

### Test Socket Connection
```bash
# For stream sockets
nc localhost 8080

# For Unix domain sockets  
nc -U /run/my-service.sock
```

## See Also

- [systemd.socket(5)](https://www.freedesktop.org/software/systemd/man/systemd.socket.html) - Socket unit configuration
- [systemd.exec(5)](https://www.freedesktop.org/software/systemd/man/systemd.exec.html) - Execution environment configuration
- [systemctl(1)](https://www.freedesktop.org/software/systemd/man/systemctl.html) - Control systemd services and units
- [systemd(1)](https://www.freedesktop.org/software/systemd/man/systemd.html) - systemd system and service manager
- [socket(7)](https://man7.org/linux/man-pages/man7/socket.7.html) - Linux socket interface
- [unix(7)](https://man7.org/linux/man-pages/man7/unix.7.html) - Unix domain sockets
- [tcp(7)](https://man7.org/linux/man-pages/man7/tcp.7.html) - TCP protocol
- [udp(7)](https://man7.org/linux/man-pages/man7/udp.7.html) - UDP protocol