| 5 Mar 2025 |
 Ramses π΅πΈ | I don't think you're supposed to use the transient stuff for this, I think it's what's used by systemd-run | 15:27:44 |
 Sandro π§ | Would anyone be willing to help me figure out how to combine the two glitchtip services and the glitchtip.socket so that they all reside under /run/glitchtip and don't delete the socket on themselves and restarting one doesn't leave the socket missing? I tried copying from paperless but it doesn't fully work yet.
https://github.com/SuperSandro2000/nixpkgs/commit/f1bb998afa34c6fa46236370d72c1d1904a41f34 | 15:52:13 |
 Arian | Dont. You shouldn't put sockets in RuntimeDirectory | 16:02:26 |
| Arian | Sockets go in /run (top-level) | 16:02:32 |
| Arian | RuntimeDirectory is private to the service. A socket is per definition something to be shared. Don't put it in RuntimeDirectory | 16:03:05 |
| Arian | There is RuntimeDirectoryPreserve as a workaround | 16:03:33 |
| Arian | But usually it's the wrong choice to put a socket managed by a .socket. In a directory managed by a .service | 16:03:53 |
| Sandro π§ | Also bad eg: you cannot bind mount them then because on restart the bind mount breaks | 16:04:30 |
| Sandro π§ | it works for paperless already, so I guess it cannot be to bad | 16:04:50 |
| Sandro π§ | I don't think I want that tbh π
| 16:05:02 |
| Arian | yeh donβt :D | 16:11:07 |
| Arian | Iβd suggest always putting a socket in /run/servicename.sock | 16:11:19 |
| Sandro π§ | How does it then work with permissions? | 16:17:48 |
| Sandro π§ | also on my system I have one socket there which is a symlink to somewhere else | 16:17:58 |
 @adam:robins.wtf | the socket unit can specify permissions, no? | 16:32:03 |
| Sandro π§ | yeah, sometimes, but often they are the equivalent of 777 | 16:35:08 |
| Arian | SockerUser and SocketMode.
But usually unix domain sockets use SO_PEERCRED to figure out the user of the caller and make decisions on that
| 21:14:21 |
| Sandro π§ | π€ hmmmm | 22:57:21 |
| Sandro π§ | Do you have an idea if common things like Gunicorn or such application servers use that? | 22:57:34 |
| Arian | No idea. | 23:09:07 |
| Arian | Why don't you just use SocketUser and SocketMode ? | 23:09:32 |
| Arian | If there isn't more than one user consuming the socket | 23:09:49 |
| Arian | But e.g. postgres uses it https://www.postgresql.org/docs/current/auth-peer.html | 23:15:07 |
| 6 Mar 2025 |
| Sandro π§ | I currently have SockerUser but I should probably set SocketMode as it has 666 right now | 00:39:30 |
|  Grimmauld (moving to @grimmauld:grapevine.grimmauld.de) changed their display name from Grimmauld to Grimmauld (any/all). | 15:37:32 |
| Arian | I wonder if we could use this for the Test Driver: https://github.com/systemd/systemd/blob/main/NEWS#L1179-L1196 | 18:35:26 |
| Arian | currently all our wait_for_unit stuff is kind ad-hoc but itβs built into systemd now | 18:35:38 |
| Arian | it will send messages about unit state back to the VMM over VSOCK | 18:35:52 |
 ElvishJerricco | well that sounds like a big improvement | 18:37:07 |
| Arian | https://www.freedesktop.org/software/systemd/man/latest/systemd.html#Readiness%20Protocol | 18:37:21 |
