!DBFhtjpqmJNENpLDOv:nixos.org

NixOS systemd

614 Members
NixOS ❤️ systemd173 Servers

Load older messages

SenderMessageTime
4 Mar 2025
@lassulus:lassul.uslassulus changed their profile picture.17:48:45
5 Mar 2025
@eliasp:kde.orgeliasp

A while ago, I mentioned seeing an issue with runtime overrides not getting applied. Ran into this now again. I have a complex Caddy configuration that I'd like to debug "in vivo", so I copied the Caddy config from the store to a writable location, ran `systemctl edit --runtime caddy && systemctl daemon-reload && systemctl restart caddy", but a "ps | grep caddy" shows it's still referrencing the old config path.

I made sure to "reset" ExecStart= and ExecReload= each by first declaring them empty before defining the new invocation pointing to the new path, but still… 🤷

A systemctl cat caddy.service includes the runtime override and the new values, but the running service itself also via systemctl show caddy | grep ExecStart points to the original location

that's happening with 257.2 - anyone else ran into something like this?

10:39:10
@eliasp:kde.orgeliasp

is this potentially caused by the fact, that the Caddy module itself already throws an override at Caddy?

    Drop-In: /run/systemd/system/caddy.service.d
             └─override.conf
             /nix/store/s2ggv021sz8m4pk62s452pffs0qvh39d-system-units/caddy.service.d
             └─overrides.conf
10:42:37
@k900:0upti.meK900No, that should not matter10:42:58
@eliasp:kde.orgeliasp ah, I see... that's just the regular one in /etc/static/systemd/system/caddy.service.d/, but systemd's display of the realpath instead of the symlink is what confused me.... 10:44:13
@eliasp:kde.orgeliasp might have strace PID#1 to get to the bottom of this… this will be "fun" 😒 10:45:23
@eliasp:kde.orgeliasp might have to strace PID#1 to get to the bottom of this… this will be "fun" 😒 10:46:12
@eliasp:kde.orgeliasp I should probably not use -f on strace in this case 🤦 10:48:02
@eliasp:kde.orgeliasp hmm, according to strace, it reads the runtime override before the on from the Nix store... I'll have to dig through the codebase now to see, whether "order of reading" == "order of evaluation" 10:55:33
@eliasp:kde.orgeliasp hmm, according to strace, it reads the runtime override before the one from the Nix store... I'll have to dig through the codebase now to see, whether "order of reading" == "order of evaluation" 10:55:42
@eliasp:kde.orgeliasp can't make any sense of it... implementation looks correct to me 11:42:51
@qyliss:fairydust.spaceAlyssa Rossiirc systemd priority is /etc -> /run -> /usr, so runtime overrides don't override /etc (for some reason)12:08:45
@eliasp:kde.orgeliasp oh, that'd render runtime overrides completely pointless for most NixOS services... double-checking the sd docs 13:22:08
@k900:0upti.meK900I don't think that's how it works13:22:30
@k900:0upti.meK900/run should win13:22:32
@qyliss:fairydust.spaceAlyssa RossYou'd think so13:24:45
@qyliss:fairydust.spaceAlyssa RossThat would be the sensible and intuitive design13:25:11
@eliasp:kde.orgeliasp

From the docs:

Drop-in files in /etc/ take precedence over those in /run/ which in turn take precedence over those in /usr/lib/.

13:31:11
@eliasp:kde.orgeliasp But looking at the table in "Unit File Load Path", it might be possible to use /run/systemd/transient instead… 13:33:29
@eliasp:kde.orgeliasp unfortunately, systemctl edit doesn't understand --transient, so this has to be handled manually…
but we might want to rework the patch 0016-systemctl-edit-suggest-systemdctl-edit-runtime-on-sy.patch pointing people towards --runtime 		13:35:35
@rvdp:infosec.exchangeRamses 🇵🇸Yeah, I ran into this in the past as well, /etc takes priority over /run, unfortunately. I didn't know about the transient stuff15:26:12
@rvdp:infosec.exchangeRamses 🇵🇸I don't think you're supposed to use the transient stuff for this, I think it's what's used by systemd-run15:27:44
@sandro:supersandro.deSandro 🐧Would anyone be willing to help me figure out how to combine the two glitchtip services and the glitchtip.socket so that they all reside under /run/glitchtip and don't delete the socket on themselves and restarting one doesn't leave the socket missing? I tried copying from paperless but it doesn't fully work yet. https://github.com/SuperSandro2000/nixpkgs/commit/f1bb998afa34c6fa46236370d72c1d1904a41f3415:52:13
@arianvp:matrix.orgArianDont. You shouldn't put sockets in RuntimeDirectory16:02:26
@arianvp:matrix.orgArianSockets go in /run (top-level)16:02:32
@arianvp:matrix.orgArianRuntimeDirectory is private to the service. A socket is per definition something to be shared. Don't put it in RuntimeDirectory 16:03:05
@arianvp:matrix.orgArianThere is RuntimeDirectoryPreserve as a workaround16:03:33
@arianvp:matrix.orgArianBut usually it's the wrong choice to put a socket managed by a .socket. In a directory managed by a .service16:03:53
@sandro:supersandro.deSandro 🐧Also bad eg: you cannot bind mount them then because on restart the bind mount breaks16:04:30
@sandro:supersandro.deSandro 🐧it works for paperless already, so I guess it cannot be to bad16:04:50

Show newer messages

Back to Room ListRoom Version: 6