From d25787db807894d73b2d309ae9e02211bf084f49 Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Wed, 13 Dec 2023 17:49:56 +0200 Subject: [PATCH] binary-cache: move to EnvironmentFile= Load the environment via EnvironmentFile=. This avoids the service crashing the first time, because the initial transaction didn't see the service drop-ins created by cloud-init yet. --- hosts/binary-cache/configuration.nix | 2 ++ terraform/jenkins/binary_cache.tf | 15 +++++---------- 2 files changed, 7 insertions(+), 10 deletions(-) diff --git a/hosts/binary-cache/configuration.nix b/hosts/binary-cache/configuration.nix index faa4a5af..fb7f4b96 100644 --- a/hosts/binary-cache/configuration.nix +++ b/hosts/binary-cache/configuration.nix @@ -53,6 +53,7 @@ + ":azureblob:binary-cache-v1"; # On successful startup, grant caddy write permissions to the socket. ExecStartPost = "${pkgs.acl.bin}/bin/setfacl -m u:caddy:rw %t/rclone-http/socket"; + EnvironmentFile = "/run/rclone-http.env"; }; }; @@ -92,6 +93,7 @@ "" "${pkgs.caddy}/bin/caddy run --environ --config ${config.services.caddy.configFile}/Caddyfile" ]; + systemd.services.caddy.serviceConfig.EnvironmentFile = "/run/caddy.env"; # Expose the HTTP and HTTPS port. networking.firewall.allowedTCPPorts = [80 443]; diff --git a/terraform/jenkins/binary_cache.tf b/terraform/jenkins/binary_cache.tf index 0cc5c285..fa1a6280 100644 --- a/terraform/jenkins/binary_cache.tf +++ b/terraform/jenkins/binary_cache.tf @@ -35,22 +35,17 @@ module "binary_cache_vm" { ssh_authorized_keys = local.ssh_keys[user] } ] - # TODO: this should be EnvironmentFile, so we don't need to restart + # See corresponding EnvironmentFile= directives in services write_files = [ { - content = "[Service]\nEnvironment=AZURE_STORAGE_ACCOUNT_NAME=ghafbinarycache", - "path" = "/run/systemd/system/rclone-http.service.d/cloud-init.conf" + content = "AZURE_STORAGE_ACCOUNT_NAME=ghafbinarycache", + "path" = "/run/rclone-http.env" }, { - content = "[Service]\nEnvironment=SITE_ADDRESS=ghaf-binary-cache.northeurope.cloudapp.azure.com", - "path" = "/run/systemd/system/caddy.service.d/cloud-init.conf" + content = "SITE_ADDRESS=ghaf-binary-cache.northeurope.cloudapp.azure.com", + "path" = "/run/caddy.env" }, ], - runcmd = [ - "systemctl daemon-reload", # pick up drop-ins - "systemctl restart caddy.service", - "systemctl restart rclone-http.service" - ] })]) subnet_id = azurerm_subnet.binary_cache.id