nixos/spacecookie: convert into settings-style service module #107766
Conversation
sternenseemann
force-pushed
the
spacecookie-flexible
branch
from
ad1a22d
to
dfeb092
Compare
|
Okay, I have yet again refactored the service massively and am eager to hear feedback on it. Sorry, I took a bit, but since I was in the middle of making a new release for spacecookie anyways, I held back until I had everything sort of figured out (not released yet, but I know at least what the configuration changes will be). New options:
I also moved everything except The thing I'm a bit bothered about is the question of Another reason for this is, that in the next spacecookie release the top level {
"listen": {
"port" : 70,
"addr" : "::1"
}
}…where I have the adjustments for the next version on a separate branch and will PR them when the update hits |
sternenseemann
changed the title
|
@GrahamcOfBorg test spacecookie |
|
@sternenseemann not sure what to say about that failed test... 🤷♂️ |
That's really weird, since the curl call seems to produce the correct output, but then fails with 56 (“Failure in receiving network data”). I'll ponder this some more tomorrow, I guess. |
|
Seems like the Edit: Done, see also sternenseemann/spacecookie#42 |
sternenseemann
force-pushed
the
spacecookie-flexible
branch
2 times, most recently
from
bb3a22e
to
b38fc39
Compare
|
Found a less ugly workaround for the curl problem, namely using netcat. Upstream issue is also fixed, really need to get this release out the door now :) |
sternenseemann
force-pushed
the
spacecookie-flexible
branch
from
b38fc39
to
e97b0a0
Compare
ofborg
bot
added
8.has: package (new)
10.rebuild-darwin: 1-10
10.rebuild-darwin: 1
and removed
10.rebuild-darwin: 0
10.rebuild-linux: 1
labels
sternenseemann
force-pushed
the
spacecookie-flexible
branch
from
5cf4873
to
910fb1c
Compare
|
With #116096 we have spacecookie 1.0.0.0 including a fix for the |
|
@ofborg test spacecookie |
* Use proper gopher urls
* The client vms name is also controlled in a single place now
* fileContent holds the precise file content now
* wait for the spacecookie unit instead of the port
* avoids sending an empty request
* since spacecookie is a notify service it only is fully started when
the socket has been set up.
This allows to change the derivation to use for the spacecookie server binary. We probably should also use justStaticExecutables by default to reduce the runtime closure of the service.
Convenience shortcut which automatically configures the firewall to open the port which is also configured for the spacecookie service.
This configuration option reflects a new feature from the unreleased spacecookie version allowing to customize the address spacecookie will listen on (e. g. "::1" to bind on link-local addresses only). We will not use this feature in the future, since the configuration option of spacecookie naturally only has an effect if we don't use socket activation (and spacecookie sets up its own socket), but having the same functionality in the service seems like a good idea. We can luckily emulate this behavior with socket activation as well.
* Move `hostname` and `root` into a settings submodule with a freeform type, allowing users to also use options not known to the NixOS service. Compatibility with a warning for the renamed options is also trivial to achieve. * `port` stays where it is as we don't actually use the `port` option of spacecookie to set up the socket, but only to inform spacecookie about the port we have set in the `systemd.socket` file, this makes more sense. Additionally the configuration of the listening port and address change in the next spacecookie release — we can dodge this issue altogether by doing our own thing, but I'm interested to hear opinions on this. To ensure that this is not misconfigured, we add an assertion for the port option. * Add an assertion for `user` in settings which has no effect the way we are starting spacecookie as it wouldn't be able to call setuid. The message also explains how a specific user can be used with spacecookie if desired.
* New log options * The old port option has been deprecated in favor of listen -> port https://github.com/sternenseemann/spacecookie/blob/master/CHANGELOG.md#1000
The haskellPackages.spacecookie derivation also includes a library and thus a lot of propagated haskell dependencies. The top-level attribute uses haskell.lib.justStaticExecutables and therefore only the executable. This should reduce the runtime closure users have to download considerably if they only want the server.
sternenseemann
force-pushed
the
spacecookie-flexible
branch
from
910fb1c
to
01e106a
Compare
|
Yes! Almost forgot it as well. |
| spacecookie = | ||
| haskell.lib.justStaticExecutables haskellPackages.spacecookie; |
There was a problem hiding this comment.
This newline is not required.
There was a problem hiding this comment.
I don't understand why you keep pointing out formatting “issues” on already merged PRs. We have no established formatting guideline in the first place and especially with merged PRs this serves really nothing other than wasting the time of everyone involved.
There was a problem hiding this comment.
I don't understand why you keep pointing out formatting “issues” on already merged PRs.
If I have 50 tabs open GitHub sometimes just forgets to refresh them and they are only updated after I posted a comment.
We have no established formatting guideline in the first place
Just do reasonable formatting and that new line there is just because nixfmt enforces a 80 line length which we are not following in nixpkgs anyway.
Motivation for this change
Things done
sandboxinnix.confon non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"./result/bin/)nix path-info -Sbefore and after)