New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nginx: Check config syntax validity with nginx -t
in preStart
#24664
Conversation
@nh2, thanks for your PR! By analyzing the history of the files in this pull request, we identified @globin, @domenkozar and @fadenb to be potential reviewers. |
In ferm, I check that the configuration is valid, even before the update is applied to the system. |
There have been many attempts at getting this right (see closed PRs), you can find the latest at #24476 |
@domenkozar I am confused, this issue is not about reloading without restarting. This issue is about making sure that starting with invalid config file fails before systemd counts the service as running. |
@domenkozar Ping, as I cannot reopen this myself apparently. |
@GrahamcOfBorg test nginx |
Success on x86_64-linux (full log) Partial log (click to expand)
|
Success on aarch64-linux (full log) Partial log (click to expand)
|
@volth Agreed -- I think both are useful. The I think we should open another issue to add nix-evaluation-time config checking for nginx, like you did for Varnish. |
Done in #35395 |
Motivation for this change
Currently nginx in NixOS doesn't use the standard practice of checking its config file in systemd's
ExecPreStart
(this is whatExecPreStart
was made for).This results in nixops deployments to succeed even with wrong config file syntax.
By checking the config file syntax in
preStart
usingnginx -t
, a nixops will fail correctly on wrong config file syntax.