Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nixos/xandikos: use systemd socket activation #253634

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

nixos/xandikos: use systemd socket activation #253634

wants to merge 1 commit into from
+125 −31

Conversation

schnusch
Copy link
Contributor

@schnusch schnusch commented Sep 6, 2023
edited
Loading

Description of changes

Xandikos' handling of listening addresses is quite buggy. There were multiple bugs regarding socket activation, which caused it to also listen on unwanted default ports. Additionally the metrics port reuses the listen address.

To avoid all this unexpected behaviour we run Xandikos in a private network namespace and let systemd handle our wanted listening adresses. Optionally the metrics are made accessible in the host's network namespace through xandikos-metrics.service using systemd-socket-proxyd.

Depends on #253612.

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 23.11 Release Notes (or backporting 23.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

@github-actions github-actions bot added 6.topic: python 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` labels Sep 6, 2023
@schnusch schnusch requested review from fabaff and 0x4A6F September 6, 2023 14:03
@schnusch schnusch mentioned this pull request Sep 6, 2023
Closed
13 tasks
@schnusch schnusch force-pushed the nixos/xandikos branch 4 times, most recently from 3fb8524 to 53e0f99 Compare September 10, 2023 19:21
@schnusch
Copy link
Contributor Author

Rebased onto #253612.

@wegank wegank added the 2.status: merge conflict This PR has merge conflicts with the target branch label May 3, 2024
@wegank wegank added the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Jul 4, 2024
@stale stale bot removed the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Aug 23, 2024
@ofborg ofborg bot added 10.rebuild-linux: 11-100 and removed 2.status: merge conflict This PR has merge conflicts with the target branch 10.rebuild-darwin: 1 10.rebuild-linux: 1-10 labels Aug 23, 2024
@wegank wegank added the 2.status: merge conflict This PR has merge conflicts with the target branch label Nov 1, 2024
@github-actions github-actions bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 1-10 and removed 6.topic: nixos-container Imperative and declarative systemd-nspawn containers 6.topic: pantheon The Pantheon desktop environment 6.topic: TeX Issues regarding texlive and TeX in general 6.topic: testing Tooling for automated testing of packages and modules 6.topic: cinnamon Desktop environment 6.topic: module system About "NixOS" module system internals 6.topic: jitsi 6.topic: systemd 6.topic: agda "A dependently typed programming language / interactive theorem prover" 6.topic: java Including JDK, tooling, other languages, other VMs 6.topic: Lumina DE The Lumina Desktop Environment 6.topic: Enlightenment DE The Enlightenment Desktop Environment 6.topic: mate The MATE Desktop Environment 6.topic: flakes The experimental Nix feature 6.topic: lib The Nixpkgs function library 6.topic: jupyter Interactive computing tooling: kernels, notebook, jupyterlab 6.topic: php 8.has: maintainer-list (update) This PR changes `maintainers/maintainer-list.nix` 6.topic: deepin Desktop environment and its components 6.topic: dotnet Language: .NET 6.topic: nvidia 6.topic: xen-project The Xen Project hypervisor 6.topic: continuous integration Affects continuous integration (CI) in Nixpkgs, including Ofborg and GitHub Actions 10.rebuild-darwin: 1-10 10.rebuild-linux: 11-100 labels Dec 16, 2024
@ofborg ofborg bot added 10.rebuild-darwin: 1-10 and removed 2.status: merge conflict This PR has merge conflicts with the target branch 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin labels Dec 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fabaff fabaff Awaiting requested review from fabaff

@0x4A6F 0x4A6F Awaiting requested review from 0x4A6F

Assignees
No one assigned
Labels
6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` 10.rebuild-darwin: 1-10 10.rebuild-linux: 1-10
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@schnusch @wegank