New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nginx: change log and cache directories #85862
Conversation
@GrahamcOfBorg test nginx nginx-etag nginx-pubhtml nginx-sso |
What's the motivation for this change? |
@GrahamcOfBorg eval |
please rebase your branch ontop of master, and force push to fix eval:
|
@GrahamcOfBorg test nginx nginx-etag nginx-pubhtml nginx-sso |
How to correct add patch?
|
39e571a
to
9c5a5af
Compare
@Emily reverted commit openresty. I did not find another variant. Please check. |
Why was 6d046e1 reverted? OpenResty is a distribution of nginx with additional patches and modules; keeping the derivations wholly separate will lead to code duplication and drift between the two, making maintenance harder. If they're going to be separate then the third-party module functionality should at least be ported over to the OpenResty derivation; with the revert, there's no way to e.g. use OpenResty with the brotli module. But I don't see the benefit at all currently. |
With this variant
Error build openresty:
How to fix the error? |
The evaluation error can be fixed with: diff --git a/pkgs/servers/http/openresty/default.nix b/pkgs/servers/http/openresty/default.nix
index 0e87b971985..01ee521a2a2 100644
--- a/pkgs/servers/http/openresty/default.nix
+++ b/pkgs/servers/http/openresty/default.nix
@@ -16,8 +16,8 @@ callPackage ../nginx/generic.nix args rec {
sha256 = "1a1la7vszv1parsnhphydblz64ffhycazncn3ividnvqg2mg735n";
};
- fixPatch = patch:
- runCommand "openresty-${patch.name}" { src = patch; } ''
+ fixPatch = patch: let name = patch.name or (builtins.baseNameOf patch); in
+ runCommand "openresty-${name}" { src = patch; } ''
substitute $src $out \
--replace "src/" "bundle/nginx-${nginxVersion}/src/"
''; The patch still fails to apply, though; you could either condition on the patch name in |
Actually, there's no need for a separate patch at all; just need to make OpenResty's diff --git a/pkgs/servers/http/openresty/default.nix b/pkgs/servers/http/openresty/default.nix
index 0e87b971985..9c01cfb19e1 100644
--- a/pkgs/servers/http/openresty/default.nix
+++ b/pkgs/servers/http/openresty/default.nix
@@ -16,10 +16,11 @@ callPackage ../nginx/generic.nix args rec {
sha256 = "1a1la7vszv1parsnhphydblz64ffhycazncn3ividnvqg2mg735n";
};
- fixPatch = patch:
- runCommand "openresty-${patch.name}" { src = patch; } ''
+ fixPatch = patch: let name = patch.name or (builtins.baseNameOf patch); in
+ runCommand "openresty-${name}" { src = patch; } ''
substitute $src $out \
- --replace "src/" "bundle/nginx-${nginxVersion}/src/"
+ --replace "a/" "a/bundle/nginx-${nginxVersion}/" \
+ --replace "b/" "b/bundle/nginx-${nginxVersion}/"
'';
buildInputs = [ postgresql ]; |
As a general comment, I think it would be better to remove the directories in a |
This PR definitely needs a changelog entry, and we need to think about how migration paths should look like. At least the |
@GrahamcOfBorg test nginx |
@GrahamcOfBorg test nginx |
@GrahamcOfBorg test service-runner |
@GrahamcOfBorg build openresty |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not an nginx user, but diff LGTM
also, tests pass.
I would like a few other reviews though, seeing as nginx is a pretty critical package.
While I completely agree with this change I've had encounters with people in the nix community who feel very strong about not removing |
I'm not an I think this change represents a larger idea that hasn't received enough discussion from all parties impacted by it and merging prematurely wasn't the best way to proceed. At this point I guess we can just wait and see... time will tell how well accepted or not this change is. |
Apologies if this is a simple question but as I'm not well versed with nginx / systemd I'm hoping someone might be able to help - is the log directory location guaranteed to be stable ie. always present under /var/log/nginx? Can I simply safely hardcode path in places where I previously used the value of the stateDir option? Sorry if I missed a note / changelog entry somewhere on how to deal with the removal of the option. |
Yes it's now in |
@@ -23,7 +23,7 @@ import ./make-test-python.nix ({ pkgs, ... }: { | |||
machine.fail(f"curl {url}") | |||
machine.succeed( | |||
""" | |||
mkdir -p /run/nginx /var/spool/nginx/logs | |||
mkdir -p /run/nginx /var/log/nginx /var/cache/nginx |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do we have to create the directories in the test?
I just moved system to the latest nixos-unstable bump and the log directory wasn't created automatically. I think we shouldn't fixup the tests like this. It is hiding the real errors...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the comment is still true but I was able to solve my issue. It was unrelated to this change.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Service nginx disabled by default:
systemd.services.nginx.enable = false;
Folders /run/nginx
, /var/log/nginx
and /var/cache/nginx
not created automatically.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That service-runner
module seems to be a "startup script generator", by parsing unit attributes.
It was added in 2013, and hasn't really seen a lot of changes to get on par with systemd.
I'm not sure who is using the service-runner thing today (@roberth maybe?), but I expect to not really work with many of the modules we use, and the systemd features we make use of.
Creating the directories was mostly added as a hack to not break the test, and I'd say adding support for all of systemd's features into a startup script generator was out of scope for this PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So the confusion here is that this is not a test for nginx but a test for the service-runner
script.
service-runner
is a mostly convenience for testing, but you could use it experimentally for other purposes. I don't use it for anything critical. I wrote this test to avoid bitrot in service-runner
. I picked nginx because it stresses the argument handling in service-runner
.
As flokli said, this changed line is a perfectly acceptable solution.
Motivation for this change
Change locations log and cache folders
cc @flokli @aanderse @Mic92 @delroth @jtojnar @danbst
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
./result/bin/
)nix path-info -S
before and after)