Merge pull request #164169 from martinetd/logrotate_post_cleanup

logrotate: cleanup legacy options
This commit is contained in:
Artturi 2022-11-05 04:27:33 +02:00 committed by GitHub
commit bed653c5fa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 42 additions and 224 deletions

View File

@ -2526,10 +2526,9 @@ sudo cp /var/lib/redis/dump.rdb /var/lib/redis-peertube/dump.rdb
<listitem>
<para>
The logrotate module also has been updated to freeform syntax:
<link linkend="opt-services.logrotate.paths">services.logrotate.paths</link>
and
<link linkend="opt-services.logrotate.extraConfig">services.logrotate.extraConfig</link>
will work, but issue deprecation warnings and
<literal>services.logrotate.paths</literal> and
<literal>services.logrotate.extraConfig</literal> will work,
but issue deprecation warnings and
<link linkend="opt-services.logrotate.settings">services.logrotate.settings</link>
should now be used instead.
</para>

View File

@ -507,6 +507,15 @@
<literal>[ &quot;all&quot; ]</literal>.
</para>
</listitem>
<listitem>
<para>
Deprecated settings <literal>logrotate.paths</literal> and
<literal>logrotate.extraConfig</literal> have been removed.
Please convert any uses to
<link linkend="opt-services.logrotate.settings">services.logrotate.settings</link>
instead.
</para>
</listitem>
<listitem>
<para>
The <literal>isPowerPC</literal> predicate, found on

View File

@ -906,8 +906,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- [services.logrotate.enable](#opt-services.logrotate.enable) now defaults to true if any rotate path has
been defined, and some paths have been added by default.
- The logrotate module also has been updated to freeform syntax: [services.logrotate.paths](#opt-services.logrotate.paths)
and [services.logrotate.extraConfig](#opt-services.logrotate.extraConfig) will work, but issue deprecation
- The logrotate module also has been updated to freeform syntax: `services.logrotate.paths`
and `services.logrotate.extraConfig` will work, but issue deprecation
warnings and [services.logrotate.settings](#opt-services.logrotate.settings) should now be used instead.
- `security.pam.ussh` has been added, which allows authorizing PAM sessions based on SSH _certificates_ held within an SSH agent, using [pam-ussh](https://github.com/uber/pam-ussh).

View File

@ -171,6 +171,10 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
This got partially copied over from the minimal profile and reduces the final system size by up to 200MB.
If you require all locales installed set the option to ``[ "all" ]``.
- Deprecated settings `logrotate.paths` and `logrotate.extraConfig` have
been removed. Please convert any uses to
[services.logrotate.settings](#opt-services.logrotate.settings) instead.
- The `isPowerPC` predicate, found on `platform` attrsets (`hostPlatform`, `buildPlatform`, `targetPlatform`, etc) has been removed in order to reduce confusion. The predicate was was defined such that it matches only the 32-bit big-endian members of the POWER/PowerPC family, despite having a name which would imply a broader set of systems. If you were using this predicate, you can replace `foo.isPowerPC` with `(with foo; isPower && is32bit && isBigEndian)`.
- The `fetchgit` fetcher now uses [cone mode](https://www.git-scm.com/docs/git-sparse-checkout/2.37.0#_internalscone_mode_handling) by default for sparse checkouts. [Non-cone mode](https://www.git-scm.com/docs/git-sparse-checkout/2.37.0#_internalsnon_cone_problems) can be enabled by passing `nonConeMode = true`, but note that non-cone mode is deprecated and this option may be removed alongside a future Git update without notice.

View File

@ -5,93 +5,9 @@ with lib;
let
cfg = config.services.logrotate;
# deprecated legacy compat settings
# these options will be removed before 22.11 in the following PR:
# https://github.com/NixOS/nixpkgs/pull/164169
pathOpts = { name, ... }: {
options = {
enable = mkOption {
type = types.bool;
default = true;
description = lib.mdDoc ''
Whether to enable log rotation for this path. This can be used to explicitly disable
logging that has been configured by NixOS.
'';
};
name = mkOption {
type = types.str;
internal = true;
};
path = mkOption {
type = with types; either str (listOf str);
default = name;
defaultText = "attribute name";
description = lib.mdDoc ''
The path to log files to be rotated.
Spaces are allowed and normal shell quoting rules apply,
with ', ", and \ characters supported.
'';
};
user = mkOption {
type = with types; nullOr str;
default = null;
description = lib.mdDoc ''
The user account to use for rotation.
'';
};
group = mkOption {
type = with types; nullOr str;
default = null;
description = lib.mdDoc ''
The group to use for rotation.
'';
};
frequency = mkOption {
type = types.enum [ "hourly" "daily" "weekly" "monthly" "yearly" ];
default = "daily";
description = lib.mdDoc ''
How often to rotate the logs.
'';
};
keep = mkOption {
type = types.int;
default = 20;
description = lib.mdDoc ''
How many rotations to keep.
'';
};
extraConfig = mkOption {
type = types.lines;
default = "";
description = lib.mdDoc ''
Extra logrotate config options for this path. Refer to
<https://linux.die.net/man/8/logrotate> for details.
'';
};
priority = mkOption {
type = types.int;
default = 1000;
description = lib.mdDoc ''
Order of this logrotate block in relation to the others. The semantics are
the same as with `lib.mkOrder`. Smaller values have a greater priority.
'';
};
};
config.name = name;
};
generateLine = n: v:
if builtins.elem n [ "files" "priority" "enable" "global" ] || v == null then null
else if builtins.elem n [ "extraConfig" "frequency" ] then "${v}\n"
else if builtins.elem n [ "frequency" ] then "${v}\n"
else if builtins.elem n [ "firstaction" "lastaction" "prerotate" "postrotate" "preremove" ]
then "${n}\n ${v}\n endscript\n"
else if isInt v then "${n} ${toString v}\n"
@ -110,25 +26,6 @@ let
${generateSection 2 settings}}
'';
# below two mapPaths are compat functions
mapPathOptToSetting = n: v:
if n == "keep" then nameValuePair "rotate" v
else if n == "path" then nameValuePair "files" v
else nameValuePair n v;
mapPathsToSettings = path: pathOpts:
nameValuePair path (
filterAttrs (n: v: ! builtins.elem n [ "user" "group" "name" ] && v != "") (
(mapAttrs' mapPathOptToSetting pathOpts) //
{
su =
if pathOpts.user != null
then "${pathOpts.user} ${pathOpts.group}"
else null;
}
)
);
settings = sortProperties (attrValues (filterAttrs (_: settings: settings.enable) (
foldAttrs recursiveUpdate { } [
{
@ -139,15 +36,7 @@ let
frequency = "weekly";
rotate = 4;
};
# compat section
extraConfig = {
enable = (cfg.extraConfig != "");
global = true;
extraConfig = cfg.extraConfig;
priority = 101;
};
}
(mapAttrs' mapPathsToSettings cfg.paths)
cfg.settings
{ header = { global = true; priority = 100; }; }
]
@ -200,7 +89,9 @@ let
in
{
imports = [
(mkRenamedOptionModule [ "services" "logrotate" "config" ] [ "services" "logrotate" "extraConfig" ])
(mkRemovedOptionModule [ "services" "logrotate" "config" ] "Modify services.logrotate.settings.header instead")
(mkRemovedOptionModule [ "services" "logrotate" "extraConfig" ] "Modify services.logrotate.settings.header instead")
(mkRemovedOptionModule [ "services" "logrotate" "paths" ] "Add attributes to services.logrotate.settings instead")
];
options = {
@ -218,6 +109,25 @@ in
or settings common to all further files settings.
Refer to <https://linux.die.net/man/8/logrotate> for details.
'';
example = literalExpression ''
{
# global options
header = {
dateext = true;
};
# example custom files
"/var/log/mylog.log" = {
frequency = "daily";
rotate = 3;
};
"multiple paths" = {
files = [
"/var/log/first*.log"
"/var/log/second.log"
];
};
};
'';
type = types.attrsOf (types.submodule ({ name, ... }: {
freeformType = with types; attrsOf (nullOr (oneOf [ int bool str ]));
@ -311,76 +221,10 @@ in
in this case you can disable the failing check with this option.
'';
};
# deprecated legacy compat settings
paths = mkOption {
type = with types; attrsOf (submodule pathOpts);
default = { };
description = lib.mdDoc ''
Attribute set of paths to rotate. The order each block appears in the generated configuration file
can be controlled by the [priority](#opt-services.logrotate.paths._name_.priority) option
using the same semantics as `lib.mkOrder`. Smaller values have a greater priority.
This setting has been deprecated in favor of [logrotate settings](#opt-services.logrotate.settings).
'';
example = literalExpression ''
{
httpd = {
path = "/var/log/httpd/*.log";
user = config.services.httpd.user;
group = config.services.httpd.group;
keep = 7;
};
myapp = {
path = "/var/log/myapp/*.log";
user = "myuser";
group = "mygroup";
frequency = "weekly";
keep = 5;
priority = 1;
};
}
'';
};
extraConfig = mkOption {
default = "";
type = types.lines;
description = lib.mdDoc ''
Extra contents to append to the logrotate configuration file. Refer to
<https://linux.die.net/man/8/logrotate> for details.
This setting has been deprecated in favor of
[logrotate settings](#opt-services.logrotate.settings).
'';
};
};
};
config = mkIf cfg.enable {
assertions =
mapAttrsToList
(name: pathOpts:
{
assertion = (pathOpts.user != null) == (pathOpts.group != null);
message = ''
If either of `services.logrotate.paths.${name}.user` or `services.logrotate.paths.${name}.group` are specified then *both* must be specified.
'';
})
cfg.paths;
warnings =
(mapAttrsToList
(name: pathOpts: ''
Using config.services.logrotate.paths.${name} is deprecated and will become unsupported in a future release.
Please use services.logrotate.settings instead.
'')
cfg.paths
) ++
(optional (cfg.extraConfig != "") ''
Using config.services.logrotate.extraConfig is deprecated and will become unsupported in a future release.
Please use services.logrotate.settings with globals=true instead.
'');
systemd.services.logrotate = {
description = "Logrotate Service";
startAt = "hourly";

View File

@ -260,6 +260,7 @@ in {
(mkRenamedOptionModule [ "services" "gitlab" "stateDir" ] [ "services" "gitlab" "statePath" ])
(mkRenamedOptionModule [ "services" "gitlab" "backupPath" ] [ "services" "gitlab" "backup" "path" ])
(mkRemovedOptionModule [ "services" "gitlab" "satelliteDir" ] "")
(mkRemovedOptionModule [ "services" "gitlab" "logrotate" "extraConfig" ] "Modify services.logrotate.settings.gitlab directly instead")
];
options = {
@ -871,15 +872,6 @@ in {
default = 30;
description = lib.mdDoc "How many rotations to keep.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
description = lib.mdDoc ''
Extra logrotate config options for this path. Refer to
<https://linux.die.net/man/8/logrotate> for details.
'';
};
};
workhorse.config = mkOption {
@ -1042,7 +1034,6 @@ in {
rotate = cfg.logrotate.keep;
copytruncate = true;
compress = true;
extraConfig = cfg.logrotate.extraConfig;
};
};
};

View File

@ -64,29 +64,6 @@ import ./make-test-python.nix ({ pkgs, ... }: rec {
notifempty = true;
};
};
# extraConfig compatibility - should be added to top level, early.
services.logrotate.extraConfig = ''
nomail
'';
# paths compatibility
services.logrotate.paths = {
compat_path = {
path = "compat_test_path";
};
# user/group should be grouped as 'su user group'
compat_user = {
user = config.users.users.root.name;
group = "root";
};
# extraConfig in path should be added to block
compat_extraConfig = {
extraConfig = "dateext";
};
# keep -> rotate
compat_keep = {
keep = 1;
};
};
};
};
@ -127,12 +104,6 @@ import ./make-test-python.nix ({ pkgs, ... }: rec {
"sed -ne '/\"postrotate\" {/,/}/p' /tmp/logrotate.conf | grep endscript",
"grep '\"file1\"\n\"file2\" {' /tmp/logrotate.conf",
"sed -ne '/\"import\" {/,/}/p' /tmp/logrotate.conf | grep noolddir",
"sed -ne '1,/^\"/p' /tmp/logrotate.conf | grep nomail",
"grep '\"compat_test_path\" {' /tmp/logrotate.conf",
"sed -ne '/\"compat_user\" {/,/}/p' /tmp/logrotate.conf | grep 'su root root'",
"sed -ne '/\"compat_extraConfig\" {/,/}/p' /tmp/logrotate.conf | grep dateext",
"[[ $(sed -ne '/\"compat_keep\" {/,/}/p' /tmp/logrotate.conf | grep -w rotate) = \" rotate 1\" ]]",
"! sed -ne '/\"compat_keep\" {/,/}/p' /tmp/logrotate.conf | grep -w keep",
)
# also check configFile option
failingMachine.succeed(