[Unit]
Description=Ipsilon Container
Wants=network-online.target
After=network-online.target

[Service]
User=ipsilon
EnvironmentFile=/etc/sysconfig/ipsilon-container
ExecStart=/usr/bin/podman run \
    --rm -p 127.0.0.1:8011:80 \
    --name ipsilon \
    --env LDAP_* --env IPSILON_*\
    --volume={{ tls_certs }}/ca.crt:/etc/pki/tls/certs/ca.crt:ro \
    --volume={{ tls_certs }}/{{ inventory_hostname }}.crt:/etc/pki/tls/certs/{{ inventory_hostname }}.crt:ro \
    --volume={{ tls_private }}/ipsilon.key:/etc/pki/tls/private/{{ inventory_hostname }}.key:ro \
    --volume={{ tls_private }}/openidc.key:/etc/ipsilon/openidc.key:ro \
    --volume=/etc/ipsilon/openidc-static.conf:/etc/ipsilon/root/openidc-static.conf:rw \
    ipsilon:latest
ExecStop=/usr/bin/podman stop --ignore ipsilon
ExecStopPost=/usr/bin/podman rm -f --ignore ipsilon

[Install]
WantedBy=multi-user.target