Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

systemd activated sockets #22

Closed
wants to merge 3 commits into from
Closed

systemd activated sockets #22

wants to merge 3 commits into from

Conversation

cbix
Copy link
Contributor

@cbix cbix commented Sep 27, 2020

This is a nice article explaining why systemd's socket activation feature is useful. I personally like it because I don't have to let services open any ports by themselves and I can put everything HTTP behind nginx with a unix socket as upstream, set up with proper permissions (note: nginx' group is www-data on some systems!) + I don't have to remember what's running on which port.

I haven't figured out yet how to make systemd-sysusers to create the user's home directory yet, but theoretically it's also supposed to simplify installation (see the files under deploy/):

# build
./build.sh
# install files (as root)
install prosody-filer /usr/local/bin/prosody-filer
install deploy/prosody-filer.service /usr/local/lib/systemd/system/prosody-filer.service
install deploy/prosody-filer.socket /usr/local/lib/systemd/system/prosody-filer.socket
install deploy/prosody-filer.conf /usr/lib/sysusers.d/prosody-filer.conf
install deploy/prosody-filer.nginx.conf /etc/nginx/sites-available/prosody-filer.nginx.conf
mkdir -p /var/lib/prosody-filer/uploads # or whatever directory is configured in the .service and .toml
install config.example.toml /var/lib/prosody-filer/config.toml
chown -R prosody-filer: /var/lib/prosody-filer

# create user and enable socket
systemd-sysusers
systemctl daemon-reload
systemctl enable prosody-filer.socket

# start socket, the service gets started automatically on the first incoming HTTP request
systemctl start prosody-filer.socket

It is theoretically even possible to provide the service with multiple sockets:

[Socket]
# unix socket
ListenStream=/var/run/prosody-filer.sock
# tcp port over ipv4 + ipv6 on all interfaces
ListenStream=8087
# listen on a specific localhost ipv4 address
ListenStream=127.0.23.42:12345

If prosody-filer is not given any systemd activated sockets, it will simply listen on the port given in the config, so this PR doesn't break compatibility.

@ThomasLeister
Copy link
Owner

Thanks for letting me know - I'll check this out in detail when there's time for that :-)

@cbix
Copy link
Contributor Author

cbix commented Dec 23, 2020
edited
Loading

Just took a quick look at my code after getting pinged and apparently had initially forgotten to release the WaitGroup mutexes, fixed that now :)

Oh, right, will also try to rebase this to the current state!

@cbix cbix mentioned this pull request Dec 23, 2020
Merged
@cbix cbix marked this pull request as draft December 24, 2020 11:22
@ThomasLeister
Copy link
Owner

Hi @cbix I've already merged @sysvinit 's approach to unix socket activation. I hope you don't mind if I close this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cbix @ThomasLeister