By analyzing the blame information on this pull request, we identified @edolstra, @offlinehacker and @lethalman to be potential reviewers

I guess there is little point in this service without any of the geolite-legacy users (packages) moving over to it. Hence this is WIP for now; it needs testing, community feedback and moving some packages over to use this runtime dependency, instead of using the current "geolite-legacy" Nix attribute (which breaks every month).

My suggestions:

1. make it possible geoip = pkgs.geoip.override { geoipDatabase = config.services.geoip-databases.databaseDir; }
2. fetch&unpack geoip2 dbs too, GeoLite2-Country.mmdb.gz and GeoLite2-City.mmdb.gz. I am using the v2 now in my own update script.
3. maybe package some geoip2 tooling? libmaxminddb, mmdblookup. The former is a better library when you want to create new applications using geoip API. I have a working expression for it:

  libmaxminddb = stdenv.mkDerivation rec {
    name = "libmaxminddb-${version}";
    version = "1.2.0";
    src = fetchurl {
      url = "https://github.com/maxmind/libmaxminddb/releases/download/${version}/libmaxminddb-${version}.tar.gz";
      sha256 = "0dxdyw6sxxmpzk2a96qp323r5kdmw7vm6m0l5a8gr52gf7nmks0z";
    };
  };

What about nix outside nixos?

I guess we can expose the updater script to the user (make a package), so it can be run manually.

@bjornfor Is missing adoption the only argument holding this back from merging? What about the use cases where the geolite DB is referenced in extraConfiguration by the user, not by the package itself. I would really like to see this merged and I think adoption will follow afterwards.

If people find this useful as is, I'm fine with merging (of course).

I could use this with the graylog module, for example.

I noticed that the service would fail started at boot. It seems to be running before the network is up. I looked at man systemd.special and tried to fix it with

-      after = [ "network.target" ];
+      after = [ "network-online.target" "nss-lookup.target" ];
+      wants = [ "network-online.target" ];

It doesn't make a difference, it still fails. Also had a look at https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/ (suggested by the man page). But not liking the options.

Any ideas?

I guess either I'll add a "try a few times" loop or dig into the systemd special targets and how they are implemented on NixOS. (Perhaps we have a network-online.target dependency bug?)

(I added some error handling so that we'll know when the service fails.)

@bjornfor I think network-online.target will become only useful, if you use systemd-networkd:

$ systemctl cat systemd-networkd-wait-online.service
# /nix/store/v5mly2b8568snc2swxs1br7dbcwn7p9f-systemd-231/example/systemd/system/systemd-networkd-wait-online.service
#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.

[Unit]
Description=Wait for Network to be Configured
Documentation=man:systemd-networkd-wait-online.service(8)
DefaultDependencies=no
Conflicts=shutdown.target
Requisite=systemd-networkd.service
After=systemd-networkd.service
Before=network-online.target

[Service]
Type=oneshot
ExecStart=/nix/store/v5mly2b8568snc2swxs1br7dbcwn7p9f-systemd-231/lib/systemd/systemd-networkd-wait-online
RemainAfterExit=yes

[Install]
WantedBy=network-online.target

dhcpcd does not fit into this.

Hm, looks like I introduced a regression when adding syslog priority levels with "logger". systemd doesn't understand which unit the messages come from. So "systemctl status geoip-updater" doesn't show any messages. But the journal contains all messages (with proper error levels).

I'll see if I can make it work with "logger", or else find another solution. I really want to have "journalctl -b -perr".

Doh, it's as simple as echo "<prio>message" :-)

@danbst: Do you mind if I squash all commits into one? I'll write a small changelog in the commit message and describe your changes.

@bjornfor systemd-cat is probably what you are looking for.

Looks like systemd-cat is for when you want to log from a program running outside of systemd. We're a systemd service, so our output is already directed to the log. Only the priority was missing (now fixed).

@bjornfor i'm ok

Updated again. From commit message:

   Changes v5 -> v6:
      - Update database files atomically (per DB)
      - If a database is removed from the configuration, it'll be removed
        from /var/lib/geoip-databases too (on next run).
      - Add NixOS module assertion so that if user inputs non- .gz or .xz
        file there will be a build time error instead of runtime.
      - Run updater as user "nobody" instead of "root".
      - Rename NixOS service from "geoip-databases" to "geoip-updater".
      - Drop RemainAfterExit, or else the timer won't trigger the unit.
      - Bring back "curl --fail", or else we won't catch and log curl
        failures.

Perhaps we should bring back proxy service, that has wantedBy = multi-user.target and performs update-script with parameter "--update-if-not-exists". The parameter "--update-if-not-exists" won't download DB if file is already downloaded.

Another update:

Changes v6 -> v7:
      - Add --skip-existing flag to geoip-updater, which skips updating
        existing database files. Pass that flag when we run the service on
        boot (and on any NixOS configuration change).
        (IMHO, this is somewhat a workaround for systemd persistent timers
        not being triggered immediately when a timer has never expired
        before. But it does have the nice side effect of ensuring that the
        installed databases always correspond to the configured ones, since
        the service is now always run after configuration changes.)

Hm, I'm doing some testing and get this on rebuild

$ nixops deploy
building all machine configurations...
jolly.roger> copying closure...
fleet> closures copied successfully
jolly.roger> updating GRUB 2 menu...
jolly.roger> activating the configuration...
jolly.roger> setting up /etc...
jolly.roger> the following new units were started: geoip-updater-setup.service
jolly.roger> activation finished successfully
fleet> deployment finished successfully

This line the following new units were started: geoip-updater-setup.service is printed on every redeploy, even if nothing changed.

RemainAfterExit is required in setup service, so it won't be started on every activation, only when service changed.

Btw, really nice log output!

-- Logs begin at Thu 2016-09-01 10:06:58 UTC, end at Thu 2017-01-12 15:33:20 UTC. --
Jan 12 15:32:50 jolly.roger systemd[1]: Starting GeoIP Updater Setup...
Jan 12 15:32:50 jolly.roger systemd[1]: Started GeoIP Updater Setup.
Jan 12 15:32:50 jolly.roger geoip-updater[11112]: Option --skip-existing is set: not updating existing databases
Jan 12 15:32:51 jolly.roger geoip-updater[11112]: Server is reachable (try 1)
Jan 12 15:32:51 jolly.roger geoip-updater[11112]: Starting update of GeoIP databases in /var/lib/geoip-databases
Jan 12 15:32:51 jolly.roger geoip-updater[11112]: Skipping existing file: /var/lib/geoip-databases/GeoLite2-Country.mmdb
Jan 12 15:32:51 jolly.roger geoip-updater[11112]: Removed GeoIPASNum.dat (not listed in services.geoip-updater.databases)
Jan 12 15:32:51 jolly.roger geoip-updater[11112]: Removed GeoIPASNumv6.dat (not listed in services.geoip-updater.databases)
Jan 12 15:32:51 jolly.roger geoip-updater[11112]: Removed GeoIP.dat (not listed in services.geoip-updater.databases)
Jan 12 15:32:51 jolly.roger geoip-updater[11112]: Removed GeoIPv6.dat (not listed in services.geoip-updater.databases)
Jan 12 15:32:51 jolly.roger geoip-updater[11112]: Removed GeoLite2-City.mmdb (not listed in services.geoip-updater.databases)
Jan 12 15:32:51 jolly.roger geoip-updater[11112]: Removed GeoLiteCity.dat (not listed in services.geoip-updater.databases)
Jan 12 15:32:51 jolly.roger geoip-updater[11112]: Removed GeoLiteCityv6.dat (not listed in services.geoip-updater.databases)
Jan 12 15:32:51 jolly.roger geoip-updater[11112]: Completed GeoIP database update in /var/lib/geoip-databases

RemainAfterExit works really strange. On first activation geoip-updater-setup.service is started. On timer trigger it is stopped (because it conflicts with geoip-updater.service), so it will be started again on next activation. I hope this is minor issue.

Another strange consequence of setting RandomizedDelaySec=3600 is it affects interval in a non-obvious way when you want to test this service. For example, if I set interval to minutely, I don't get update every minute (every random 0-3600 seconds). So automated test (which is to be written) should unset RandomizedDelaySec to make test not time out.

I noticed some timer weirdness too, with short interval.

Just pushed an update with RemainAfterExit=true. I guess it's better that way. (Still, the design with the two services and the "conflict" feels a bit odd...)

Is having a test for this service really needed? I was under the impression that tests couldn't use (external) networking, so either I'm wrong and we can write a test (if wanted) or else we have to write the test so that it creates a fake maxmind.com server.

The only thing we can do with timers and short intervals is to specify in interval option description, that it adds randomized delay to that interval, so it will be inprecise for short intervals.

As for test, I think you're right, it will be hard to write such test. ping @kampfschlaefer for his opinion on using fake maxmind server.

(closed by accident)

@Mic92:

if RandomizedDelaySec is not a good fit, I would suggest instead (this has an even better distribution as a it depends on the boot of

I personally would prefer to do the update at a fixed time, preferably at night.

MaxMind say the (open source) databases are updated on the first tuesday of the month. So we actually only need to download once a month.

Because I don't like that the current service run on every boot, I've been thinking of this:

• One service is triggered by timer, once a month.
• One service is triggered by the /var/lib/geoip-database directory not existing (for initial setup).

Pro:

• No needless running the service when there is nothing to do

Con:

• A service configuration change will not cause a (re)run. I.e. if you change the list of databases, it won't be reflected in /var/lib/geoip-databases until next timer interval. (Or you trigger it yourself.)

I really like /var/lib/geoip-databases to be as accurate to the configuration as possible. But even with the current scheme (run every week, run on every boot), there is no guarantee that things are OK. You still have to check if the service ran successfully. It's doing impure IO, after all :-) Hence, I'm thinking it might be OK to just run the initial setup service once. If it fails that time, then oh well, look at "systemctl --failed" and restart it.

Thoughts?

Can this be merged as-is, and tunings/thoughts separated to another issue? I find this service useful in it's current form (and I use it on-top of 16.09).

Applied to master: 824d82f

I see no problem with cherry-picking this to release-16.09. I'll do that later if nobody objects.

Awesome! btw, much thanks @bjornfor for your initiative.