Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nixos/acme: Service should not fail when no renewal is necessary #38689

Closed
wants to merge 1 commit into from
Closed

nixos/acme: Service should not fail when no renewal is necessary #38689

wants to merge 1 commit into from

Conversation

waern
Copy link
Contributor

@waern waern commented Apr 10, 2018

Motivation for this change

The acme service script re-uses the exit code of the simp_le program which is 0 on successful change, 1 if no renewal is necessary, and 2 on error. This causes the service to end up in failed status when no renewal is necessary, which is wrong.

With this patch the exit code from the acme script is 0 when simp_le returns 1 and otherwise the same as returned by simp_le.

Things done

Tested in QA environment at work.

  • Tested using sandboxing (nix.useSandbox on NixOS, or option build-use-sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

@waern
nixos/acme: Service should not fail when no renewal is necessary
b0f8d17 
The acme service script re-uses the exit code of the simp_le program
which is 0 on successful change, 1 if no renewal is necessary, and 2 on
error. This causes the service to end up in failed status when no
renewal is necessary, which is wrong.

With this patch the exit code from the acme script is 0 when simp_le
returns 1 and otherwise the same as returned by simp_le.

The postStop script still uses the unchanged exit code from simp_le to
determine wether to run the postRun hook or not.
@andrew-d
Copy link
Contributor

I haven't had time to write a PR to do this, but this is probably doable using SuccessExitStatus to set an exit status of 1 as successful, along with some combination of $EXIT_CODE / $EXIT_STATUS that systemd sets for you (see here).

For more info on the environment variables, see here.

@waern
Copy link
Contributor Author

waern commented Apr 11, 2018

Thanks, I see now that the service already specifies SuccessExitStatus = [ "0" "1" ]. And testing it I see that it seems to behave correctly, so I don't know why I thought the service failed before. Maybe I confused the service status with the main process exit status when looking at the logs. Closing this.

@waern waern closed this Apr 11, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
6.topic: nixos 8.has: module (update) 10.rebuild-darwin: 0 10.rebuild-linux: 0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@waern @andrew-d @GrahamcOfBorg