systemd
Prerequisites
Section titled “Prerequisites”- An
orielbinary installed on the host - PostgreSQL, ClickHouse, and Valkey reachable from the host
deploy/systemd/oriel.servicedeploy/systemd/oriel-migrate.service/etc/oriel/oriel.toml
Install the binary:
sudo install -m 0755 oriel /usr/local/bin/orielCreate a service user:
sudo useradd --system --no-create-home --shell /usr/sbin/nologin orielInstall config:
sudo install -d -m 0755 /etc/orielsudo install -m 0640 -o root -g oriel oriel.example.toml /etc/oriel/oriel.tomlSet at least:
[clickhouse]dsn = "clickhouse://oriel:oriel@clickhouse.example:9000/oriel"
[metadata]dsn = "postgres://oriel:oriel@postgres.example:5432/oriel"
[valkey]dsn = "valkey://valkey.example:6379/0"Install and enable units:
sudo install -m 0644 deploy/systemd/oriel.service deploy/systemd/oriel-migrate.service /etc/systemd/system/sudo systemctl daemon-reloadsudo systemctl enable --now oriel.serviceoriel.service requires oriel-migrate.service, so migrations run before the
long-running process starts.
Verify
Section titled “Verify”systemctl status oriel-migrate.servicesystemctl status oriel.servicejournalctl -u oriel.service -fcurl -fsS http://localhost:6743/readyzRollback/Recover
Section titled “Rollback/Recover”To upgrade:
sudo install -m 0755 oriel /usr/local/bin/orielsudo systemctl restart oriel.serviceTo recover a failed schema check, run:
sudo -u oriel oriel --config /etc/oriel/oriel.toml migrate statussudo -u oriel oriel --config /etc/oriel/oriel.toml migrate upThe units run with NoNewPrivileges, ProtectSystem=strict, ProtectHome,
PrivateTmp, an empty capability set, and /var/lib/oriel as the writable
state directory.