Copy · paste · systemctl enable --now
systemd unit files you can actually paste.
Complete .service, .timer, .mount, .path and .socket recipes — auto-restart a crashing service, run at boot, replace cron with a timer, auto-mount a share, watch a folder, socket-activate, and harden a service — each with the exact enable and verify commands.
18 recipes
- Services (.service) Order a service after the network or another unit (After, Requires, Wants) The difference between After=, Requires=, Wants=, and BindsTo=, and how to correctly wait for the network or a database before your service starts. 4 min →
- Services (.service) Pass environment variables to a systemd service Set env vars inline with Environment=, or load them from a file with EnvironmentFile= (the right way to keep secrets out of the unit). 3 min →
- Services (.service) Run a one-shot task at boot (Type=oneshot) Run a script once at boot (or on demand) that does its job and exits — for setup, migrations, or tweaks — and have systemd remember it as 'active'. 3 min →
- Services (.service) Auto-restart a service when it crashes (with backoff and a rate limit) Make systemd restart your service if it exits or crashes, wait a few seconds between tries, and stop hammering it if it keeps failing. 4 min →
- Services (.service) Run a systemd service as a specific user and group Drop a service from root to a dedicated unprivileged user, set its working directory, and (optionally) create the user with DynamicUser. 3 min →
- Services (.service) Run a program at boot as a systemd service The minimal .service unit to start your own program (a script, binary, or app) automatically at boot, and keep it managed by systemd. 3 min →
- Services (.service) Run a long-running program as a user service (no root) Put a service under ~/.config/systemd/user/ so it runs as you, with systemctl --user — and keep it running after you log out using lingering. 3 min →
- Timers (.timer) Run a job daily at a specific time (and catch up after downtime) A systemd timer with OnCalendar for a daily 03:30 run, weekly and monthly variants, and Persistent=true so a missed run fires when the machine comes back. 3 min →
- Timers (.timer) Run a job every 5 minutes with a systemd timer (the cron replacement) A .timer + .service pair that runs a command every 5 minutes — the modern, journald-logged replacement for a */5 cron entry. 4 min →
- Timers (.timer) Run a job N minutes after boot, then on an interval (OnBootSec / OnUnitActiveSec) Monotonic systemd timers: run a job 2 minutes after boot and then every 15 minutes — independent of wall-clock time, perfect for health checks and pollers. 3 min →
- Timers (.timer) Spread scheduled jobs with RandomizedDelaySec (avoid the thundering herd) Add a random jitter to a systemd timer so a fleet of machines (or many timers on one host) don't all hit a server at the exact same second. 3 min →
- Mounts (.mount) Mount a share only when it's accessed (.automount) Pair an .automount with a .mount so a network share mounts lazily on first access and can unmount when idle — faster boots, no hang if the server is down. 3 min →
- Mounts (.mount) Create a bind mount as a systemd unit Expose a directory at a second path with a .mount unit using Options=bind — the systemd equivalent of mount --bind, managed and ordered like any other unit. 2 min →
- Mounts (.mount) Auto-mount an NFS or CIFS/SMB share with a .mount unit Mount a network share as a native systemd .mount unit — including the all-important rule that the filename must match the mount path. 4 min →
- Path units (.path) Run a command when a file appears or changes (.path unit) A .path + .service pair that watches a file or directory and triggers a command on creation or modification — inotify-driven, no polling. 3 min →
- Sockets (.socket) Socket-activate a service (start it on the first connection) A .socket + .service pair so systemd holds the listening port and starts your service only when a client first connects — faster boots and on-demand services. 4 min →
- Hardening Harden any service with sandboxing directives A drop-in set of systemd sandboxing options — NoNewPrivileges, ProtectSystem, PrivateTmp, system-call filtering and more — to lock a service down, plus how to score it. 5 min →
- Managing units Essential systemctl & journalctl commands for managing units The day-to-day systemd commands: enable, start, status, reload, logs, list timers, safe overrides with 'systemctl edit', and validating a unit file. 4 min →
You know systemd can do it. You don't remember the exact directive.
Each recipe is a focused, copy-paste unit file for a real task, with a one-line explanation, the enable/verify commands, and the gotchas.
FAQ
Are these systemd unit files free?
Yes. Every recipe is free to read and copy, with no account or paywall.
Where do I put a unit file?
System units in /etc/systemd/system/, user units in ~/.config/systemd/user/. Then daemon-reload and enable --now.
Do I need root?
System units yes (sudo). User units (systemctl --user) need no root; use loginctl enable-linger to keep them after logout.
Why a timer instead of cron?
Timers log to the journal, list with systemctl list-timers, catch up missed runs (Persistent=true), and jitter across a fleet. The 5-minute recipe replaces a */5 cron entry.