arangodb: Add arangodb as a NixOS service #40167
Conversation
babariviere
force-pushed
the
master
branch
3 times, most recently
from
1a8aef7
to
ec2effc
Compare
babariviere
force-pushed
the
master
branch
3 times, most recently
from
921c16e
to
21f4f95
Compare
|
|
||
| users.extraGroups.arangodb.gid = config.ids.gids.arangodb; | ||
|
|
||
| environment.systemPackages = [ pkgs.arangodb ]; |
There was a problem hiding this comment.
You shouldn't need to add the arangodb package system wide. See comment below...
There was a problem hiding this comment.
Okay, I have removed it
There was a problem hiding this comment.
But if I remove it, I don't have access to arangosh and else by default
babariviere
force-pushed
the
master
branch
2 times, most recently
from
78455a6
to
8c9275f
Compare
There was a problem hiding this comment.
But if I remove it, I don't have access to arangosh and else by default.
Correct.
NixOS service modules are only responsible for setting up systemd units. They don't need to install packages into the user environment (which is what environment.systemPackages = [ pkgs.arangodb ]; does) in order to perform this function.
If users want access to the arangosh administration utilities (such as arangosh) then they should add the package to the user environment, just like they would any other package.
This maintains separation of concerns: services create systemd units and user environments set up $PATH to make executables available to users.
| ''; | ||
|
|
||
| script = '' | ||
| exec arangod \ |
There was a problem hiding this comment.
Instead of exec arangod you can do exec ${pkgs.arangodb}/bin/arangod. That will pull in arangodb as a dependency with no need for environment.systemPackages = [ pkgs.arangodb ]; If a user wants to use other binaries in the package (client tools perhaps), he/she can then add the package explicitly either system wide or through nix-env.
There was a problem hiding this comment.
Ok thanks I will change this
|
This pull request has been mentioned on Nix community. There might be relevant details there: https://discourse.nixos.org/t/arangodb-installation-and-how-to/2105/3 |
|
@babariviere Do you have motivation to continue with this PR? |
|
I will finish it, but I cannot test it for now. |
| @@ -340,6 +340,7 @@ | |||
| cockroachdb = 313; | |||
| zoneminder = 314; | |||
| paperless = 315; | |||
| arangodb = 316; | |||
There was a problem hiding this comment.
Does the service actually require a predefined uid and gid? Often times you can get away without.
There was a problem hiding this comment.
Yeah chance is very high that this isn't needed, cc #65698
| services.arangodb = { | ||
| enable = mkEnableOption "ArangoDB server"; | ||
|
|
||
| dataDir = mkOption { |
There was a problem hiding this comment.
There are some nice features of systemd you can take advantage of if you hardcode this directory to something like /var/lib/arangodb, such as StateDirectory.
By no means is this a requirement, but recently I'm asking people to question if they actually provide value to users in adding this option. Sometimes the answer is yes, sometimes no. Up to you to decide.
| serviceConfig = { | ||
| User = "arangodb"; | ||
| Group = "arangodb"; | ||
| PermissionsStartOnly = true; |
There was a problem hiding this comment.
This is deprecated so please do not use. Your best alternatives are either hard coding the database.directory/dataDir to something like /var/lib/arangodb or user systemd.tmpfiles.rules.
See #56265 (comment) for some discussion on the topic.
|
|
||
| after = [ "network.target" ]; | ||
|
|
||
| preStart = '' |
There was a problem hiding this comment.
This should be removed. See my comments below about PermissionsStartOnly.
| exec ${pkgs.arangodb}/bin/arangod \ | ||
| --database.directory ${cfg.dataDir} \ | ||
| --javascript.app-path ${cfg.dataDir} \ | ||
| --log.file ${cfg.dataDir}/arangodb.log \ |
There was a problem hiding this comment.
Is there a way to redirect output to standard system log (journald) as this is the standard in NixOS and preferred.
If there is no way to redirect output to journald instead of a log file does arangodb automatically rotate this log file?
|
@volth Weren't you working on a service for this too? |
Motivation for this change
For the same reason of this pull request: #31880
Things done
build-use-sandboxinnix.confon non-NixOS)nix-shell -p nox --run "nox-review wip"./result/bin/)