nixos/tomcat: add purifyOnStart option #44303
Conversation
| @@ -185,6 +188,10 @@ in | |||
| after = [ "network.target" ]; | |||
|
|
|||
| preStart = '' | |||
| # Delete the existing base directory, if any | |||
| # (we don't want remainders of old configuration!) | |||
| rm -rf ${cfg.baseDir} | |||
There was a problem hiding this comment.
Right, it would, and it's definitely not wanted.
pvgoran
force-pushed
the
tomcat-clean-basedir
branch
from
2027e6d
to
f958aa9
Compare
pvgoran
changed the title
|
The new version specifically keeps logs in place. Not sure if |
|
Now, it is possible that people added their own files into baseDir and expect them to stay there after restart or reconfiguration; this patch will break their configuration. However, leaving bits of old configuration (especially old libraries or old webapps) may be even worse. Not sure how to handle this. This PR, while it very much makes sense by itself, is a pre-requisite of another PR which would add management of the |
| # Delete everything but logs from the existing base directory | ||
| # (we don't want remainders of old configuration!) | ||
| [[-e ${cfg.baseDir} ]] \ | ||
| && find ${cfg.baseDir} -mindepth 1 -maxdepth 1 -not -name logs -exec rm -rf '{}' '+' |
There was a problem hiding this comment.
Is it possible to do it more explicit?
rm -rf ${cfg.baseDir}/{conf,virtualhosts,temp,lib,shared/lib,webapps,work}
Are there any files in those directory that should be not deleted? I am not an expert when it comes to tomcat related applications.
There was a problem hiding this comment.
Is it possible to do it more explicit?
Yes, this can work as well. Though I would also include bin which is a symlink created by the script. And work needs to be excluded (see below).
Are there any files in those directory that should be not deleted?
In fact, there are. The session files, named SESSIONS.ser by default, can exist inside the work directory, and they shouldn't be deleted.
On the other hand, work serves as a cache for compiled JSP files, and in certain corner cases Tomcat can improperly use the cached files from an old deployment. But these corner cases should be very uncommon (if at all possible), so probably it doesn't make much spending code lines on handling them.
|
If deleting specific stuff is too clunky, an alternative is to write state into versioned dirs and use symlinks to point to whatever is current. That way old stuff can be garbage collected manually --- the tradeoff obviously being accumulating lots of junk over time & the overhead of managing the links ... |
pvgoran
force-pushed
the
tomcat-clean-basedir
branch
from
f958aa9
to
f9ad617
Compare
|
@Mic92 I replaced removal of "everything except logs" with removal of specific directories/symlinks. |
|
@joachifm Did you mean versioning the whole |
pvgoran
force-pushed
the
tomcat-clean-basedir
branch
from
f9ad617
to
fefcd78
Compare
|
For some reason, the previous commit actually did not include the advertised changes ("I replaced removal of "everything except logs" with removal of specific directories/symlinks"), now this is corrected by Any chance for merging this soon? |
|
Just in case — @danbst do you want to comment on the list of directories to clean? |
|
@pvgoran @7c6f434c |
3 similar comments
|
@pvgoran @7c6f434c |
|
@pvgoran @7c6f434c |
|
@pvgoran @7c6f434c |
|
@danbst Makes sense. This new option is supposed to be disabled by default, right? |
|
OK, so GitHub sends notifications correctly but displays the new comments one in five reloads or something. Yay eventual consistency, I guess. I can merge once the option is added, please ping me then. |
|
@pvgoran @7c6f434c
I think all good, but only enable if `services.tomcat.purifyOnStart =
true;` is set (option to be created). Tomcat management is essentially
stateful (the whole startup script is an example of this madness) and so
many rely on this. For example, I have mutable webapp deploy to `webapps`
dir - after this PR my webapp would be removed on tomcat restart (I can't
put webapp into configuration.nix)
нд, 21 жовт. 2018 о 10:58 Michael Raskin <notifications@github.com> пише:
… Just in case — @danbst <https://github.com/danbst> do you want to comment
on the list of directories to clean?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#44303 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAtWkbFmH5s6mdZADsJUjO6IECZMJg1Sks5unCkvgaJpZM4VqfSm>
.
|
|
@pvgoran right! It is pretty destructive feature. I also am not in favor of
changing defaults.
пн, 22 жовт. 2018 о 07:09 pvgoran <notifications@github.com> пише:
… @danbst <https://github.com/danbst> Makes sense. This new option is
supposed to be disabled by default, right?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#44303 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAtWkb3O-J0JH4vLrBPIw8ZPPmY-OZMLks5unUT-gaJpZM4VqfSm>
.
|
|
«Once the option is added» was precisely about |
With this option enabled, before creating file/directories/symlinks in baseDir according to configuration, old occurences of them are removed. This prevents remainders of an old configuration (libraries, webapps, you name it) from persisting after activating a new configuration.
pvgoran
force-pushed
the
tomcat-clean-basedir
branch
from
fefcd78
to
a57bbf4
Compare
pvgoran
changed the title
|
@danbst @Mic92 I added the Now that it's in place, I'm thinking about going back to deleting everything (except the specifically preserved subdirectories) from |
|
What is more likely, that they add one more directory we want to keep or that they add one more directory we want to clean? Intuitively I would consider an explicit removal of known-problematic subdirectories (with a comment about what and why we still keep) the cleanest approach. |
Both of these look improbable to me, if we are talking about Tomcat developers adding something. NixOS developers, on the other hand, could add something; in this case, I think it will be rather something we want to clean. But this is not how I see this choice. I think it's more about what to do with unknown files which were not created by NixOS: keep them or remove them? The currently implemented approach is "keep", but personally I'd prefer "remove". |
|
But this is not how I see this choice. I think it's more about what to do with unknown files which were *not* created by NixOS: keep them or remove them? The currently implemented approach is "keep", but personally I'd prefer "remove".
What is your mental model of where these files would actually (probably) come from? Is there a need to add an option to extend the whitelist?
|
|
@pvgoran yes, you can remove everything. Those who don't want this behavior should remove
Don't think so. Tomcat is pretty much stabilized software, which hasn't changed conceptually for ages. |
It could be something like custom logs, or data files/directories created by web applications. In this case, an explicit whitelist would be beneficial. However, I don't think this use case will appear (or at least appear frequently), so it's not worth adding an option now, until someone actually needs/requests it.
Yes, and also @Mic92 Previously I switched from the "whitelist" approach (delete everything except selected directories) to the "blacklist" approach (delete only known directories that we create) by your request. Now, do you agree with going back to the "whitelist" approach with introduction of the |
|
> What is your mental model of where these files would actually (probably) come from? Is there a need to add an option to extend the whitelist?
It could be something like custom logs, or data files/directories created by web applications. In this case, an explicit whitelist would be beneficial. However, I don't think this use case will appear (or at least appear frequently), so it's not worth adding an option now, until someone actually needs/requests it.
To me that sounds like an argument for a blacklist (if anything extra is created it is custom logs or data files, and we keep the known logs and session data files). But I won't use the module anyway.
|
The thing is, this use case is just a speculation on my part, "what if someone does this". I have no evidence someone would actually need to organize files like this. |
|
I implemented the "whitelist" approach (removing of all baseDir contents except for My preference is the "whitelist" approach (#49729), and I don't see strong arguments against it, now that the @Mic92 @7c6f434c @danbst Please review this and commit one of these two PRs, at last. |
|
@danbst I am OK with the current state of either PR, I marginally prefer this one, and I will merge whichever you ask me to merge (please do a direct mention in that comment). |
|
I do not claim arguments for blacklist are strong, it is all about reasonable arguments on both sides. And now this bikeshed is freshly painted. Thanks to everyone. |
|
This pull request has been mentioned on Nix community. There might be relevant details there: |
With this option enabled, before creating file/directories/symlinks in baseDir according to configuration, old occurences of them are removed.
This prevents remainders of an old configuration (libraries, webapps, you name it) from persisting after activating a new configuration.
Things done
sandboxinnix.confon non-NixOS)nix-shell -p nox --run "nox-review wip"./result/bin/)nix path-info -Sbefore and after)