Systemd Services

Service management for GSign components.

Docker Compose Service

The main Docker Compose is managed by systemd:

ini

# /etc/systemd/system/gsign-docker.service
[Unit]
Description=GSign Docker Compose
Requires=docker.service
After=docker.service

[Service]
Type=oneshot
RemainAfterExit=yes
WorkingDirectory=/opt/gsign
ExecStart=/usr/bin/docker compose up -d
ExecStop=/usr/bin/docker compose down
TimeoutStartSec=0

[Install]
WantedBy=multi-user.target

Commands

bash

# Enable on boot
sudo systemctl enable gsign-docker

# Start
sudo systemctl start gsign-docker

# Stop
sudo systemctl stop gsign-docker

# Status
sudo systemctl status gsign-docker

# Restart
sudo systemctl restart gsign-docker

NGINX Service

NGINX is managed by systemd (default Ubuntu):

bash

# Status
sudo systemctl status nginx

# Test configuration
sudo nginx -t

# Reload (no downtime)
sudo systemctl reload nginx

# Restart
sudo systemctl restart nginx

# View logs
sudo journalctl -u nginx -f

Container Management

View Container Status

bash

# All containers
docker ps -a

# Specific container
docker ps -f name=gsign-backend

# Container logs
docker logs gsign-backend -f --tail 100

Restart Containers

bash

# Single container
docker restart gsign-backend

# All containers
docker compose -f /opt/gsign/docker-compose.yml restart

# Specific service
docker compose -f /opt/gsign/docker-compose.yml restart backend

Container Health

bash

# Health check
docker inspect --format='{{.State.Health.Status}}' gsign-backend

# Resource usage
docker stats gsign-backend

Log Management

Docker Logs

bash

# View logs
docker logs gsign-backend -f --tail 100

# Logs since time
docker logs gsign-backend --since 1h

# Log to file
docker logs gsign-backend > backend.log 2>&1

System Logs

bash

# NGINX logs
sudo tail -f /var/log/nginx/access.log
sudo tail -f /var/log/nginx/error.log

# System logs
sudo journalctl -f

# Docker daemon logs
sudo journalctl -u docker -f

Grafana Loki

All container logs are collected by Promtail and sent to Loki. View in Grafana: https://grafana.gesign.mn

Query example:

{container_name="gsign-backend"} |= "error"

Service URLs

Service	Internal	External
Backend	localhost:3000	api.gesign.mn
Frontend	localhost:3002	gesign.mn
Docs	localhost:3003	doc.gesign.mn
HSM	localhost:8080	(internal only)
GitLab	localhost:8929	gitlab.gesign.mn
Grafana	localhost:3001	grafana.gesign.mn

Troubleshooting

Container Won't Start

bash

# Check logs
docker logs gsign-backend --tail 100

# Check configuration
docker inspect gsign-backend

# Check network
docker network inspect gsign-network

# Check resources
docker system df
free -h
df -h

NGINX Errors

bash

# Test configuration
sudo nginx -t

# Check error log
sudo tail -f /var/log/nginx/error.log

# Check SSL certificates
sudo certbot certificates

Database Connection Issues

bash

# PostgreSQL
docker exec -it gsign-postgres psql -U gsign -c "SELECT 1"

# MongoDB
docker exec -it gsign-mongodb mongosh --eval "db.runCommand({ping:1})"

# Redis
docker exec -it gsign-redis redis-cli PING

Health Check Endpoints

bash

# Backend
curl http://localhost:3000/health

# HSM
curl http://localhost:8080/health

# Frontend
curl http://localhost:3002

Systemd Services ​

Docker Compose Service ​

Commands ​

NGINX Service ​

Container Management ​

View Container Status ​

Restart Containers ​

Container Health ​

Log Management ​

Docker Logs ​

System Logs ​

Grafana Loki ​

Service URLs ​

Troubleshooting ​

Container Won't Start ​

NGINX Errors ​

Database Connection Issues ​

Health Check Endpoints ​

Systemd Services

Docker Compose Service

Commands

NGINX Service

Container Management

View Container Status

Restart Containers

Container Health

Log Management

Docker Logs

System Logs

Grafana Loki

Service URLs

Troubleshooting

Container Won't Start

NGINX Errors

Database Connection Issues

Health Check Endpoints