Systemd After not starting service

Question

letsencrypt.service:

[Unit]
Description=Renews letsencrypt certificates
After=network.target letsencrypt_concat_fullchain_privkey.service

[Service]
Type=oneshot
WorkingDirectory=/etc/letsencrypt/
ExecStart=/usr/bin/letsencrypt renew

When I start this service manually: sudo systemctl start letsencrypt it doesn't seem to start the letsencrypt_concat_fullchain_privkey.service service. I've ran sudo systemctl start letsencrypt_concat_fullchain_privkey.service and it works as it should.

What I'm trying to do is that when letsencrypt.service is finished I'd like it to start the letsencrypt_concat_fullchain_privkey.service service.

Answer 1

After= does not imply a dependency relationship (only order), you can establish dependency with Requires= or Wants= directive.

Requires=
Configures requirement dependencies on other units. If this unit gets activated, the units listed here will be activated as well. If one of the other units gets deactivated or its activation fails, this unit will be deactivated. This option may be specified more than once or multiple space-separated units may be specified in one option in which case requirement dependencies for all listed names will be created. Note that requirement dependencies do not influence the order in which services are started or stopped. This has to be configured independently with the After= or Before= options. If a unit foo.service requires a unit bar.service as configured with Requires= and no ordering is configured with After= or Before=, then both units will be started simultaneously and without any delay between them if foo.service is activated. Often, it is a better choice to use Wants= instead of Requires= in order to achieve a system that is more robust when dealing with failing services.

Note that this dependency type does not imply that the other unit always has to be in active state when this unit is running. Specifically: failing condition checks (such as ConditionPathExists=, ConditionPathExists=, … — see below) do not cause the start job of a unit with a Requires= dependency on it to fail. Also, some unit types may deactivate on their own (for example, a service process may decide to exit cleanly, or a device may be unplugged by the user), which is not propagated to units having a Requires= dependency. Use the BindsTo= dependency type together with After= to ensure that a unit may never be in active state without a specific other unit also in active state (see below).

Note that dependencies of this type may also be configured outside of the unit configuration file by adding a symlink to a .requires/ directory accompanying the unit file. For details, see above.

Wants=
A weaker version of Requires=. Units listed in this option will be started if the configuring unit is. However, if the listed units fail to start or cannot be added to the transaction, this has no impact on the validity of the transaction as a whole. This is the recommended way to hook start-up of one unit to the start-up of another unit.

Note that dependencies of this type may also be configured outside of the unit configuration file by adding symlinks to a .wants/ directory accompanying the unit file. For details, see above.

Ref: http://freedesktop.org/software/systemd/man/systemd.unit.html

Answer 2

What I'm trying to do is that when letsencrypt.service is finished I'd like it to start the letsencrypt_concat_fullchain_privkey.service service.

You want to add this to your letsencrypt.service file then:

ExecStartPost=/bin/systemctl start letsencrypt_concat_fullchain_privkey.service

This command will then be run serially after the command you gave in ExecStart=.

You can read more about ExecStartPost= in man systemd.service or look up any systemd directive in man systemd.directives.