-
-
Notifications
You must be signed in to change notification settings - Fork 14.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nixos/typesense: init at 0.24.1 #244233
nixos/typesense: init at 0.24.1 #244233
Conversation
10e1ef3
to
4c9a010
Compare
72a66f5
to
aa44460
Compare
added updater script and passthrou for tests. This is now ready for review from my side. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Minor changes, the work seems HQ as often :).
aa44460
to
234dd85
Compare
Added comments about issues with building from source, and added requested formatting fixes. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome
@ofborg test typesense |
hey @oddlama thanks a lot for this!
Also one question, why did you set the Group and the permission for the state directory to 0700 ? I understand why you would set user, in order to be able to last but not least, those are all detail and none of them are urgent/mandatory, so feel free to skip if you don't have the time. |
It looks me like they copied this from some template service without thinking about whether it is necessary. Their whole codebase never uses
I'm not sure I understand the question. The Group is specified so that the group name is explicitly specified instead of being derived by the service name. Due to DynamicUser there will always be a User and Group allocated for the service, we just set the name for both. Regarding mode 0700, if your point is that the state directory should be 0750 to allow members of the group to do backups, I agree that this should be changed. I initially chose 0700 as a strict default without considering backup services. I'm unfortunately currently a little short on time, so feel free to make the changes if you need them. Otherwise I'll try to cycle back to this later. |
none of these changes are urgent, so feel free to address when you have time. The question around the Group, is why do you want to specify the Group, aren't we just fine, leaving whatever systemd chooses ? I understand the rationale for setting the name for the User, I don't see why we explicitely need to set the name for the group. Regarding mode 0700, my initial thought was that we don't need to set the permissions at all on the directory. I personally always use the same user to make the backups. I've never seen any argument for or against having a group. I was thinking that you might have good reasons for using the group and was curious about those. |
Description of changes
I tried my best to not use a binary distribution here, but after trying to make it work (for far too long) I have decided that it isn't currently feasible. (Typesense will switch to bazel in the next version and creating a working build is almost impossible. You cannot prevent it from downloading stuff at build time; It fails if LANG is not C.UTF-8; The bazel sandbox prevents access to tools built with nix like cmake; ...) If you know how to make it work, please ping me on matrix.
Things done
sandbox = true
set innix.conf
? (See Nix manual)nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"
. Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/
)