From a1cbf5040fc54d7cbd1218e3a847c984562bb99a Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Thu, 12 Sep 2024 15:24:34 -0400 Subject: [PATCH] Explicitly pass 'daemon' to determinate-nixd (#1159) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * flake.lock: Update determinate Flake lock file updates: • Updated input 'determinate': 'https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/0.1.89%2Brev-54bcee31752428b7a69200be76e7c357723ae2de/0191a4ff-ffd4-7774-abcf-bf93c97c71c8/source.tar.gz?narHash=sha256-hU7e8tuhxi3jQxJXsqaG%2BzhhNodV3oVzp9FxzOnuEbY%3D' (2024-08-30) → 'https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/0.1.91%2Brev-ee1c24b52b7d1904308128ff8ed6a60f9bbd80c2/0191dca0-4394-7530-93a0-98db890817c6/source.tar.gz?narHash=sha256-bMU7IppWV7ir71xGbcyi20ifsD4sFwqHNMuYQtKfD%2Bo%3D' (2024-09-10) * Explicitly pass 'daemon' to determinate-nixd * fmt * fixup: also specify daemon in systemd unit --------- Co-authored-by: Cole Helbling --- flake.lock | 28 +++++++++---------- .../mod.rs | 4 +-- .../nix-daemon.determinate-nixd.service | 2 +- .../macos/create_determinate_nix_volume.rs | 2 +- .../create_determinate_volume_service.rs | 1 + 5 files changed, 19 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 565232577..87b5a358a 100644 --- a/flake.lock +++ b/flake.lock @@ -17,12 +17,12 @@ ] }, "locked": { - "lastModified": 1725049969, - "narHash": "sha256-hU7e8tuhxi3jQxJXsqaG+zhhNodV3oVzp9FxzOnuEbY=", - "rev": "54bcee31752428b7a69200be76e7c357723ae2de", - "revCount": 89, + "lastModified": 1726165658, + "narHash": "sha256-FSKbT3I6ldMowJ4cazPzOa3fIez8a85zpDPWE8WCnN8=", + "rev": "9f210e6a8d0d0465dd70d14d0d80bcfefea0cddc", + "revCount": 93, "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/0.1.89%2Brev-54bcee31752428b7a69200be76e7c357723ae2de/0191a4ff-ffd4-7774-abcf-bf93c97c71c8/source.tar.gz" + "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/0.1.93%2Brev-9f210e6a8d0d0465dd70d14d0d80bcfefea0cddc/0191e780-480e-74fd-b6d5-a737ac399aff/source.tar.gz" }, "original": { "type": "tarball", @@ -32,37 +32,37 @@ "determinate-nixd-aarch64-darwin": { "flake": false, "locked": { - "narHash": "sha256-PE5iOUHttLNVnoW/HU2CJbIxDhwvpqM7ZehNxo8G45Q=", + "narHash": "sha256-1SsjyQHWUzKV44hZhNOAZVZqlh2mm2ngWIU9nr951XQ=", "type": "file", - "url": "https://install.determinate.systems/determinate-nixd/rev/fb88a079cf330e8dfe20f4426a36ee663d7bb47e/macOS" + "url": "https://install.determinate.systems/determinate-nixd/rev/22f4c6a94ca253849571df4f16cc1aef3f489816/macOS" }, "original": { "type": "file", - "url": "https://install.determinate.systems/determinate-nixd/rev/fb88a079cf330e8dfe20f4426a36ee663d7bb47e/macOS" + "url": "https://install.determinate.systems/determinate-nixd/rev/22f4c6a94ca253849571df4f16cc1aef3f489816/macOS" } }, "determinate-nixd-aarch64-linux": { "flake": false, "locked": { - "narHash": "sha256-u1RycvQDu9VevkjHlfiNvbk566em52hDvq+KoLiY7Kg=", + "narHash": "sha256-wmKwEgmsbcPWWCpGBksYjdsrx3YKrf6uIBl4ZUXmkJI=", "type": "file", - "url": "https://install.determinate.systems/determinate-nixd/rev/fb88a079cf330e8dfe20f4426a36ee663d7bb47e/aarch64-linux" + "url": "https://install.determinate.systems/determinate-nixd/rev/22f4c6a94ca253849571df4f16cc1aef3f489816/aarch64-linux" }, "original": { "type": "file", - "url": "https://install.determinate.systems/determinate-nixd/rev/fb88a079cf330e8dfe20f4426a36ee663d7bb47e/aarch64-linux" + "url": "https://install.determinate.systems/determinate-nixd/rev/22f4c6a94ca253849571df4f16cc1aef3f489816/aarch64-linux" } }, "determinate-nixd-x86_64-linux": { "flake": false, "locked": { - "narHash": "sha256-x4au1LaMr/SqiFcbt1GEq1QAlIf9AB9K0T/AH3AvrjY=", + "narHash": "sha256-xaB/sQk2eJRZriHVd/TRiLncqmhoEItapTqvFuJqxIw=", "type": "file", - "url": "https://install.determinate.systems/determinate-nixd/rev/fb88a079cf330e8dfe20f4426a36ee663d7bb47e/x86_64-linux" + "url": "https://install.determinate.systems/determinate-nixd/rev/22f4c6a94ca253849571df4f16cc1aef3f489816/x86_64-linux" }, "original": { "type": "file", - "url": "https://install.determinate.systems/determinate-nixd/rev/fb88a079cf330e8dfe20f4426a36ee663d7bb47e/x86_64-linux" + "url": "https://install.determinate.systems/determinate-nixd/rev/22f4c6a94ca253849571df4f16cc1aef3f489816/x86_64-linux" } }, "fenix": { diff --git a/src/action/common/configure_determinate_nixd_init_service/mod.rs b/src/action/common/configure_determinate_nixd_init_service/mod.rs index 3184adb44..003b7ad71 100644 --- a/src/action/common/configure_determinate_nixd_init_service/mod.rs +++ b/src/action/common/configure_determinate_nixd_init_service/mod.rs @@ -188,7 +188,7 @@ pub enum ConfigureDeterminateNixDaemonServiceError {} #[serde(rename_all = "PascalCase")] pub struct DeterminateNixDaemonPlist { label: String, - program: String, + program_arguments: Vec, run_at_load: bool, sockets: HashMap, standard_error_path: String, @@ -223,7 +223,7 @@ fn generate_plist() -> DeterminateNixDaemonPlist { DeterminateNixDaemonPlist { run_at_load: false, label: "systems.determinate.nix-daemon".into(), - program: "/usr/local/bin/determinate-nixd".into(), + program_arguments: vec!["/usr/local/bin/determinate-nixd".into(), "daemon".into()], standard_error_path: "/var/log/determinate-nix-daemon.log".into(), standard_out_path: "/var/log/determinate-nix-daemon.log".into(), soft_resource_limits: ResourceLimits { diff --git a/src/action/common/configure_determinate_nixd_init_service/nix-daemon.determinate-nixd.service b/src/action/common/configure_determinate_nixd_init_service/nix-daemon.determinate-nixd.service index e9be161ab..f6147f9f7 100644 --- a/src/action/common/configure_determinate_nixd_init_service/nix-daemon.determinate-nixd.service +++ b/src/action/common/configure_determinate_nixd_init_service/nix-daemon.determinate-nixd.service @@ -7,7 +7,7 @@ RequiresMountsFor=/nix/var/nix/db ConditionPathIsReadWrite=/nix/var/nix/daemon-socket [Service] -ExecStart=@/usr/local/bin/determinate-nixd determinate-nixd +ExecStart=@/usr/local/bin/determinate-nixd determinate-nixd daemon KillMode=process LimitNOFILE=1048576 LimitSTACK=64M diff --git a/src/action/macos/create_determinate_nix_volume.rs b/src/action/macos/create_determinate_nix_volume.rs index 987ea69cd..f2db05dc7 100644 --- a/src/action/macos/create_determinate_nix_volume.rs +++ b/src/action/macos/create_determinate_nix_volume.rs @@ -219,7 +219,7 @@ impl Action for CreateDeterminateNixVolume { .map_err(Self::error)?; let mut command = Command::new("/usr/local/bin/determinate-nixd"); - command.args(["--stop-after", "mount"]); + command.args(["--stop-after", "mount", "daemon"]); command.stderr(std::process::Stdio::piped()); command.stdout(std::process::Stdio::piped()); tracing::trace!(command = ?command.as_std(), "Mounting /nix"); diff --git a/src/action/macos/create_determinate_volume_service.rs b/src/action/macos/create_determinate_volume_service.rs index 7f04314b3..7b4cf2648 100644 --- a/src/action/macos/create_determinate_volume_service.rs +++ b/src/action/macos/create_determinate_volume_service.rs @@ -188,6 +188,7 @@ async fn generate_mount_plist( "/usr/local/bin/determinate-nixd".into(), "--stop-after".into(), "mount".into(), + "daemon".into(), ], standard_out_path: "/var/log/determinate-nixd-mount.log".into(), standard_error_path: "/var/log/determinate-nixd-mount.log".into(),