run mailsync as a user service

When this role was created, Ansible did not support systemd user units,
so we setup mailsync as a system service and timer running as the user.
The only practical difference in moving to a user service is that the
user can control the service without sudo, but we might as well.

Existing users should first stop, disable, and remove the old system timer and
service:

    $ sudo systemctl stop mailsync@$USER.timer
    $ sudo systemctl disable mailsync@$USER.timer
    $ sudo rm /etc/systemd/system/mailsync@.*

If the system timer is present in the trusted unit file, remove it.

roles/mail/tasks/mailsync.yml

@@ -5,14 +5,14 @@
     - mailsync
 
 - name: Push mailsync service file
-  template: src=mailsync.service.j2 dest=/etc/systemd/system/mailsync@.service
+  template: src=mailsync.service.j2 dest=/etc/systemd/user/mailsync.service
   tags:
     - mailsync
   notify:
     - reload systemd config
 
 - name: Push mailsync timer file
-  template: src=mailsync.timer.j2 dest=/etc/systemd/system/mailsync@.timer
+  template: src=mailsync.timer.j2 dest=/etc/systemd/user/mailsync.timer
   tags:
     - mailsync
   notify:
@@ -20,7 +20,11 @@
     - restart mailsync
 
 - name: Enable and start mailsync timer
-  service: name="mailsync@{{ user.name }}.timer" enabled=yes state=started
+  systemd: name=mailsync.timer user=yes enabled=yes state=started
+  become: yes
+  become_user: "{{ user.name }}"
+  environment:
+    XDG_RUNTIME_DIR: "/run/user/{{ user.uid }}"
   when: mail.sync_on == "all"
   tags:
     - mailsync
@@ -28,13 +32,17 @@
 - name: Remove mailsync from trusted unit list
   lineinfile: dest=/usr/local/etc/trusted_units
               state=absent
-              line="mailsync@{{ user.name }}.timer"
+              line="mailsync.timer,user:{{ user.name }}"
   when: mail.sync_on == "all"
   tags:
     - mailsync
 
 - name: Disable mailsync timer
-  service: name="mailsync@{{ user.name }}.timer" enabled=no
+  systemd: name=mailsync.timer user=yes enabled=no
+  become: yes
+  become_user: "{{ user.name }}"
+  environment:
+    XDG_RUNTIME_DIR: "/run/user/{{ user.uid }}"
   when: mail.sync_on == "trusted"
   tags:
     - mailsync
@@ -42,7 +50,7 @@
 - name: Add mailsync to trusted unit list
   lineinfile: dest=/usr/local/etc/trusted_units
               state=present
-              line="mailsync@{{ user.name }}.timer"
+              line="mailsync.timer,user:{{ user.name }}"
   when: mail.sync_on == "trusted"
   tags:
     - mailsync

roles/mail/templates/mailsync.service.j2

@@ -1,11 +1,10 @@
 [Unit]
-Description=Mailbox synchronization service for user %I
+Description=Mailbox synchronization service
 After=network.target
 
 [Service]
 Type=oneshot
 ExecStart=/usr/local/bin/mailsync
-User=%i
 StandardOutput=syslog
 StandardError=syslog
 Environment=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/{{ user.uid }}/bus

roles/mail/templates/mailsync.timer.j2

@@ -5,7 +5,7 @@ Description=Mailbox synchronization timer
 [Timer]
 OnBootSec={{ mail.sync_boot_delay }}
 OnUnitActiveSec={{ mail.sync_time }}
-Unit=mailsync@%i.service
+Unit=mailsync.service
 
 [Install]
 WantedBy=timers.target