New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nixos/redis: unbreak module, add test #67845
Conversation
@GrahamcOfBorg test redis |
This needs a second iteration, keeping the static user, but using |
updated, now uses |
@GrahamcOfBorg test redis |
@GrahamcOfBorg test redis |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, not qualified to review the test but it looks pretty typical for these types of things.
@@ -218,7 +187,7 @@ in | |||
}; | |||
|
|||
users.users.redis = | |||
{ name = cfg.user; | |||
{ name = "redis"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
name
doesn't need to be set here. AFAIK, it's implied by users.users.redis
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
updated.
(mkRemovedOptionModule [ "services" "redis" "dbFilename" ] "The redis module now uses /var/lib/redis/dump.rdb as database dump location.") | ||
(mkRemovedOptionModule [ "services" "redis" "appendOnlyFilename" ] "This option was never used.") | ||
(mkRemovedOptionModule [ "services" "redis" "pidFile" ] "This option was removed.") | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Personally, I am in favor of removing those options. I fear there might be push-back, though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think people care about the pidFile option, and appendOnlyFilename wasn't used at all.
Some might care about user, dbpath and dbfilename, but only if they changed the defaults - we previously also used /var/lib/redis/dump.rdb by default, as the redis
user.
So in that case, nix will complain during rebuild (don't just spin up an empty redis) and people will be able to move the dump.rbd
file to the new location.
@@ -8,7 +8,6 @@ let | |||
condOption = name: value: if value != null then "${name} ${toString value}" else ""; | |||
|
|||
redisConfig = pkgs.writeText "redis.conf" '' | |||
pidfile ${cfg.pidFile} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Where will Redis write the PID file once this statement is removed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So far, we did ran redis in non-daemonized mode, meaning it didn't create a pidfile if not explicitly told so (and I removed the line in the version you specified).
In daemonized mode, it'll default to put it in /run/redis.pid
, but won't complain if it can't at all.
If a pid file is specified, Redis writes it where specified at startup
and removes it at exit.When the server runs non daemonized, no pid file is created if none is
specified in the configuration. When the server is daemonized, the pid file
is used even if not specified, defaulting to "/var/run/redis.pid".Creating a pid file is best effort: if Redis is not able to create it
nothing bad happens, the server will start and run normally.
As we don't need the pidfile to manage the service, I removed the nixos module option.
I now hardcoded it to /run/redis/redis.pid (which is inside the RuntimeDirectory), enabled daemonizitation, and also enabled Type=notify
support to signal readyness.
@GrahamcOfBorg test redis |
The redis module currently fails to start up, most likely due to running a chown as non-root in preStart. While at it, I hardcoded it to use systemd's StateDirectory and DynamicUser to manage directory permissions, removed the unused appendOnlyFilename option, and the pidFile option. We properly tell redis now it's daemonized, and it'll use notify support to signal readiness.
@peti by looking at the nixos test logs, I still see the following two warnings:
Can you comment on the two options? Should we set these aswell? |
Alright, this can be done in a followup PR. |
@flokli What about |
I'm missing some context here… |
Motivation for this change
The nixos redis module seems to be pretty broken, most likely due to a chown in
preStart
. I updated it to useStateDirectory
(cf #56265), added a nixos vm test and a changelog entry.Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nix-review --run "nix-review wip"
./result/bin/
)nix path-info -S
before and after)