[arch-general] Isolate systemd target if service fails

Buce dmbuce at gmail.com
Fri Aug 30 11:13:20 EDT 2013


Hi,

I just set up a custom systemd target on my laptop for the first time using
[1] to split out services that I don't want running if I'm on a public wifi.
I configured things so that by default, I boot into a custom 'home.target'
which starts everything up, and then if I'm on an untrusted network I can
`systemctl isolate multi-user` to bring down httpd, mysqld, sshd, and
anything else I'd rather not have listening to outside traffic.

Usually under those circumstances, my SSID wouldn't be available and
netctl@homewifi.service would have failed, so in an effort to automate the
process I added the following to the netctl service file and did
`systemctl --system daemon-reload` to read in the changes.

OnFailure=multi-user.target
OnFailureIsolate=true

The end result is that if systemd is unable to start
netctl@homewifi.service, it will isolate the multi-user target, thus
shutting down httpd, mysqld, sshd, and other services belonging to
home.target.

I'm just posting this because the solution wasn't obvious and a Google
search for the terms in the subject of this email didn't turn up anything
about OnFailure and OnFailureIsolate. Hopefully the info will be useful to
someone else.

I also wouldn't mind feedback on this setup. Is what I'm doing sane? Could
it be done better? My full home.target and netctl@homewifi.service are
linked below [2].

[1] https://wiki.archlinux.org/index.php/systemd#Targets
[2] https://gist.github.com/DMBuce/6390806

-Buce
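
Added example, not part of the original post or the linked gist: a shell sketch that lays out the setup described above as a target plus a drop-in, then checks that the failure handler sits in [Unit] and names a single target. The file contents, the drop-in name onfailure.conf and the helper names write_units and check_onfailure are assumptions; OnFailureJobMode=isolate is the newer spelling of OnFailureIsolate=true and is accepted by the check.

```shell
#!/bin/sh
# Added example. Unit names come from the post; file contents are assumed.

# Write home.target and the netctl drop-in under DIR, a scratch stand-in
# for /etc/systemd/system.
write_units() {
    dir=$1
    mkdir -p "$dir/netctl@homewifi.service.d"
    # Assumed home.target: multi-user.target plus services WantedBy=home.target.
    cat > "$dir/home.target" <<'EOF'
[Unit]
Description=Home network services (assumed contents)
Requires=multi-user.target
After=multi-user.target
AllowIsolate=yes
EOF
    # Drop-in instead of editing the service file; both keys belong in [Unit].
    cat > "$dir/netctl@homewifi.service.d/onfailure.conf" <<'EOF'
[Unit]
OnFailure=multi-user.target
OnFailureIsolate=true
EOF
}

# Return 0 only if FILE sets, inside [Unit], exactly one OnFailure= unit and
# isolate mode. Keys placed in another section are not counted, and isolate
# mode allows only a single unit in OnFailure=.
check_onfailure() {
    awk '
        /^\[/ { in_unit = ($0 == "[Unit]"); next }
        in_unit && /^OnFailure=/ { sub(/^OnFailure=/, ""); n = split($0, u, " "); seen = 1 }
        in_unit && /^OnFailureIsolate=(true|yes|1|on)$/ { iso = 1 }
        in_unit && /^OnFailureJobMode=isolate$/ { iso = 1 }
        END { exit !(seen && n == 1 && iso) }
    ' "$1"
}

# Demo in a temporary directory; nothing under /etc is touched.
d=$(mktemp -d) && write_units "$d" &&
    check_onfailure "$d/netctl@homewifi.service.d/onfailure.conf" &&
    echo "drop-in OK: failure of netctl@homewifi.service isolates multi-user.target"
rm -rf "$d"
```

On a live system, `systemctl show -p OnFailure netctl@homewifi.service` after the daemon-reload shows whether systemd actually loaded the handler.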

