[Unit]
Description=bootstrap container %i
Before=configured.target
After=host-containerd.service
Wants=host-containers.service
# Block manual interactions with bootstrap containers, since they should only be
# started by systemd
RefuseManualStart=true
RefuseManualStop=true
# If a sentinel file exists for this bootstrap container, it means we should skip
# since we've run this bootstrap container already.
ConditionPathExists=!/run/bootstrap-containers/%i.ran

[Service]
Type=oneshot
EnvironmentFile=/etc/bootstrap-containers/%i.env
# Create a sentinel file to mark that we've run
ExecStart=/usr/bin/touch /run/bootstrap-containers/%i.ran
# Run the bootstrap container
ExecStart=/usr/bin/host-ctr run \
    --container-id='%i' \
    --source='${CTR_SOURCE}' \
    --container-type='bootstrap' \
    --registry-config=/etc/host-containers/host-ctr.toml
ExecStartPost=/usr/bin/bootstrap-containers mark-bootstrap \
    --container-id '%i' \
    --mode '${CTR_MODE}'
RemainAfterExit=true
StandardError=journal+console