xoxys.freshrss/templates/systemd/user/freshrss-container.service.j2

#jinja2:lstrip_blocks: True
{{ ansible_managed | comment }}

[Unit]
Description=FreshRSS App Server
Wants=network.target network-online.target
After=network-online.target

RequiresMountsFor=%t/containers
Requires=dbus.socket

BindsTo={{ __freshrss_pod_name }}.service
After={{ __freshrss_pod_name }}.service

[Service]
Type=notify
NotifyAccess=all
Environment=PODMAN_SYSTEMD_UNIT=%N
SyslogIdentifier=%N
LogExtraFields=CONTAINER_NAME=%N
Delegate=memory pids

Restart=on-failure
TimeoutSec=70

ExecStartPre=/usr/bin/podman pod exists {{ __freshrss_pod_name }}
ExecStart=/usr/bin/podman run \
    --rm \
    --replace \
    --detach \
    --restart=no \
    --cgroups=no-conmon \
    --sdnotify=conmon \
    --env-file={{ __freshrss_systemd_env_dir }}/freshrss.env \
    --pod {{ __freshrss_pod_name }} \
    {% if freshrss_memory_limit is defined %}
    --memory={{ freshrss_memory_limit }} \
    {% endif %}
    {% if freshrss_memory_reservation is defined %}
    -memory-reservation={{ freshrss_memory_reservation }} \
    {% endif %}
    {% if freshrss_cpu_quota is defined %}
    --cpu-quota={{ freshrss_cpu_quota }} \
    {% endif %}
    {% for item in freshrss_security_opt %}
    --security-opt={{ item }} \
    {% endfor %}
    {% for item in freshrss_cap_add %}
    --cap-add={{ item }} \
    {% endfor %}
    {% for item in freshrss_cap_drop %}
    --cap-drop={{ item }} \
    {% endfor %}
    --pids-limit={{ freshrss_pids_limit }} \
    {% for volume in freshrss_volumes %}
    --mount 'type={{ volume.type | default("volume") | lower }},src={{ volume.name }},target={{ volume.dest }}' \
    {% endfor %}
    --name={{ __freshrss_container_name }} \
    {{ freshrss_image }}

ExecStop=/usr/bin/podman stop --ignore {{ __freshrss_container_name }}
ExecStopPost=/usr/bin/podman rm --force --ignore {{ __freshrss_container_name }}

[Install]
WantedBy=multi-user.target default.target