syncthing: create default group if not overridden #65566
Conversation
The following configuration generates a systemd unit that doesn't
start.
```nix
{
services.syncthing = {
enable = true;
user = "my-user";
};
}
```
It fails with
```
systemd[1]: Started Syncthing service.
systemd[6745]: syncthing.service: Failed to determine group credentials: No such process
systemd[6745]: syncthing.service: Failed at step GROUP spawning /nix/store/n1ydz3i08nqp1ajc50ycy1zribmphqc9-syncthing-1.1.4-bin/bin/syncthing: No such process
systemd[1]: syncthing.service: Main process exited, code=exited, status=216/GROUP
systemd[1]: syncthing.service: Failed with result 'exit-code'.
```
This is due to the fact that `syncthing` group (default) is not
created if the user is overridden.
Add a separate check for setting up the default group, so that
user/group are created independently.
|
@rasendubi I must have misread your code earlier... please disregard my previous comment, which I have removed. |
There was a problem hiding this comment.
Looks good to me 👍
Looking to @peterhoeg for final approval and merging.
|
Sorry about being late to the game, but is this really a supported workflow? The current syncthing module (and most other modules) are actually system-level modules where the user variable is used to set the system-level user that something runs as, which is not a regular interactive user. |
|
@peterhoeg yeah I get what you're saying and I think that's a high level conversation that needs to happen so we can establish written guidelines and stop using regular desktop users with system level modules... but this PR fixed an existing logic bug so it made sense to me that it was merged. Is that a reasonable answer? |
|
Is that a reasonable answer?
Absolutely.
|
|
My use case is the following:
I use syncthing to sync a bunch of directories from my home directory (most notably, org-mode files). I need these to be owned by my user.
I think of `user` option in a similar way as of `services.locate.localuser` (which is used to set a user to search local directories as). I understand they are very different from the implementation point of view, but from the usage perspective they are not.
|
|
I understand your use case - but that still isn't how a system-level module is supposed to be used. The "proper" way would be using something like home-manager to configure it for your user only.
There is of course no harm doing what you do if you're the only person using that machine.
|
Motivation for this change
The following configuration generates a systemd unit that doesn't start.
It fails with
This is due to the fact that
syncthinggroup (default) is not created if the user is overridden.Add a separate check for setting up the default group, so that user/group are created independently.
Things done
sandboxinnix.confon non-NixOS)nix-shell -p nix-review --run "nix-review wip"./result/bin/)nix path-info -Sbefore and after)This became an issue after #65078
/cc @peterhoeg @aanderse