nixos will handle turning that into a proper drop-in unit file.
But Iām guessing this isnāt really what you want. If you just want to stop all the run-docker-*.mount: Succeeded messages, this is going to be trickier. Itās not the docker unit you want to silence; itās the mount units itās causing by mounting stuff. That StackOverflow answer isnāt a full answer, because itās not telling you that you have to create a drop-in unit like that for every one of these mounts. Not for the docker service. For every mount that you want to silence.
NixOS also makes this a little trickier because the systemd.mounts.* option is a list, the unit file name is derived from the where option, and the what option isnāt optional. Apparently whoever chose this design didnāt consider the possibility of wanting to make drop-ins for transient mount unitsā¦ So while you canāt get the nice api weād use for other unit types, you can use the lower level api to do it with raw unit text:
Docker is doing its own mounts. Itās doing the equivalent of mount foo /bar. Systemd turns every single mountpoint created by other things into a transient mount unit. Itās not systemd creating these, so systemd doesnāt have a way to apply mount properties to all of them.
From the systemd ticket it sounds like they made a change to support this very thing.
And to me it sounds like not every mount would need this - at least from systemd v249.
But now when trying this with systemd.services.docker.serviceConfig.LogLevelMax = 0; it ends up under [Service]. Which is wrong. And I donāt see a way to add a [Mount] as āserviceConfigā seems to be the wrong level. It probably should really be
You cannot put a [Mount] section in a service unit. A unit only has three sections; [Unit] for the options that can be applied to any unit, [<TYPE>] for options that apply to that specific unit type, and [Install] which is irrelevant on NixOS and to this problem.
You donāt apply a [Mount] section to a service. Some unit types share some of their options. For instance, mount and service units share all the options described in man systemd.exec, including LogLevelMax. So to use LogLevelMax on a service, you put it in the [Service] section.
But again, you do not need to apply any settings to the docker service unit whatsoever. That will not help. The problem is that systemd is logging when mounts succeed, which means you need something to apply to all those mount units.
Note that this applies to everything on the system.
The way I read it (and which seems wrong) was that the mounts originate from the service. And that in newer systemd versions the LogLevelMax gets inherited from the service to the mounts.
That said, setting it on the service - I cannot remember seeing it making a difference yet. Just as you suggested.
Changing it in journald itself was the only thing that helped to reduce the messy logs.
Note that this applies to everything on the system.
Nothing in that stackoverflow thread implies any kind of inheritance from the service, and both answers are suggesting applying drop-ins to mount units and not a service. That said, the second answer suggests that a drop-in on run-docker-.mount (note the trailing -) would apply to all descendents, and in my limited testing, that appears to be the case. So maybe try this?