From 11cd8ce8e9f28129183a12559282662eea41be9f Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Thu, 21 Sep 2023 22:26:53 -0500 Subject: [PATCH] notify-shutdown: Send a message on shutdown Since Fedora CoreOS machines tend to reboot at seemingly random times to apply updates, it would be nice to get a notification when they go down. --- notify-shutdown.service | 38 ++++++++++++++++++++++++++++++++++++++ notify-shutdown.yaml | 14 ++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 notify-shutdown.service create mode 100644 notify-shutdown.yaml diff --git a/notify-shutdown.service b/notify-shutdown.service new file mode 100644 index 0000000..c13e092 --- /dev/null +++ b/notify-shutdown.service @@ -0,0 +1,38 @@ +[Unit] +Description=Send notification on machine shutdown +RefuseManualStop=yes + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStop=/usr/bin/curl -d '%H is going down' https://ntfy.pyrocufflink.blue/alerts +DynamicUser=yes +CapabilityBoundingSet= +DeviceAllow= +DevicePolicy=closed +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +PrivateDevices=yes +PrivateUsers=yes +PrivateTmp=yes +ProcSubset=pid +ProtectClock=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectHostname=yes +ProtectKernelLogs=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +ProtectProc=invisible +ProtectSystem=strict +RestrictAddressFamilies=AF_INET AF_INET6 +RestrictNamespaces=yes +RestrictRealtime=yes +RestrictSUIDSGID=yes +SystemCallArchitectures=native +SystemCallFilter=@system-service +SystemCallFilter=~@privileged @resources + +[Install] +WantedBy=multi-user.target diff --git a/notify-shutdown.yaml b/notify-shutdown.yaml new file mode 100644 index 0000000..4b4e7fa --- /dev/null +++ b/notify-shutdown.yaml @@ -0,0 +1,14 @@ +variant: fcos +version: 1.4.0 + +storage: + files: + - path: /etc/systemd/system/notify-shutdown.service + mode: 0644 + contents: + local: notify-shutdown.service + +systemd: + units: + - name: notify-shutdown.service + enabled: true