New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nixos/tomcat: allow verbatim config override #35443
Conversation
* add serverXml verbatim override * add environment file * add log directory creation
Wow, there was quite a lot of old stuff in that module. I have added some stuff that might get in conflict with yours and needs to be discussed. |
|
||
environment = mkOption { | ||
default = null; | ||
example = "/etc/nixos/tomcat-environment"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A file of environment variables is not the nicest interface. Instead it should be a list of strings:
extraEnvironment = mkOption {
type = types.listOf types.str;
# ...
};
# ...
systemd.servies.tomcat.serviceConfig = {
Environment = [
# ...
] ++ extraEnvironment;
};
if somebody needs a file, it is always possible to set this manually outside the module: systemd.servies.tomcat.serviceConfig.EnvironmentFile
Or use nix to split a file in lines..
"JAVA_HOME=${cfg.jdk}" | ||
"CATALINA_OPTS=${cfg.catalinaOpts}" | ||
"ERRFILE=SYSLOG" | ||
"OUTFILE=SYSLOG" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It would be nice to log to journald by default instead of log files,
but I also see why people want to have log files per vhost.
Access log is set in the module a the moment. So maybe that should be disabled unless requested.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Changing the logging scheme, should be probably guarded by stateVersion
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think I will revert logging for the time being and this can addressed in future pull requests.
Eval error is related to 7142440 |
@GrahamcOfBorg eval |
default = "tomcat"; | ||
description = "Group account under which Apache Tomcat runs."; | ||
}; | ||
|
||
javaOpts = mkOption { | ||
type = types.str; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wish javaOpts
would have type listOf str
. This, however, requires some backwards compatible code and extra warning for old setups.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We could accept both actually.
default = ""; | ||
description = " | ||
Verbatim server.xml configuration. | ||
This is mutualyl exclusive with the virtualHosts options. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
mutualyl
typo
|
||
${if cfg.serverXml != "" then '' | ||
cat <<'EOF' > ${cfg.baseDir}/conf/server.xml | ||
${cfg.serverXml}EOF |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Another way to do the same, without heredocs
cp -f ${pkgs.writeTextDir "server.xml" cfg.serverXml}/* ${cfg.baseDir}/conf/
Thank you so much for the feedback, and thank you @Mic92 for the additions. I think I've addressed most of the comments. I didn't do anything about #35443 (review) |
@polynomial Could you just change these two things?
I think other stuff should be not solved in the scope of this pull request. |
* add javaOpts to systemd service definition * remove syslog defaults
@Mic92 Done! I tested locally and the javaOpts seemed to have been entirely broken! I think it is fixed now and I tested it locally (and the log change too). Let me know if there is anything else, have a great day. (: |
rebased and pushed in 196e21a |
Any reason why this wasn't merged into the stable release? I want to make further changes to the Tomcat module, and it's difficult to do when the differences between stable and master are that big. |
We are conservative about back porting to not break the stable release. And this was a rather big change. |
@Mic92 I see. But when and how will the back porting eventually happen? What is the procedure? The change is already rather old. |
@Mic92 @polynomial What's the deal with the type of |
@pvgoran you may switch to
No backporting. It will be available in stable NixOS 18.09, which will be ready in October (2 months left to release)
IMO this is stuff from old author, @svanderburg. Ping him if you want some clarifications. Though |
Thanks, it will help.
It's a bit sad, but I understand that the proper release process is better suited for rolling out significant changes. By the way, is there any kid of policy document that describes what should be backported?
The type for Now, the thing is, the type specification is indeed wrong. My configuration that works on release-18.03 breaks when I build it with a module from nixos-unstable. First it complains:
If I remove the
Finally, if I change
I'll prepare a correction. It would be a separate PR, since this one is long merged, right? |
Ah, right! You were talking about type, not an option. Indeed, if you experience backwards incompatible changes, you should make issues/PRs. But please, show exceprt of original config, so issue is reproducible.
There probably is one. The rule of thumb is "backport only security patches" and internal bug fixes, no package/modules featureful updates. In rare cases, maintainers way lobby some non-security stuff when they have time and need. |
Created #44361. |
Motivation for this change
I am attempting to use NixOS to replace several Amazon Linux Tomcat systems. The current tomcat module in NixOS doesn't allow for configuration overrides similar to other modules (see: nginx https://github.com/NixOS/nixpkgs/blob/release-17.09/nixos/modules/services/web-servers/nginx/default.nix#L314-L322 ). The other two additions are patterns used in many enterprise tomcat deployments that:
Things done
build-use-sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)