From ffb593f88093760bc0a1d7c925661aad1a5955bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= Date: Thu, 17 Apr 2014 15:40:02 +0200 Subject: [PATCH] nixos/graphite-service: fix startup issue The preStart snippets (graphite, carbon) try to create directories under /var/db/. That currently fails because the code is run as user "graphite". Fix by setting "PermissionsStartOnly = true" so that the preStart stuff is run as 'root'. Further: * graphite-web-0.9.12/bin/build-index.sh needs perl, so add it to PATH. * Now that preStart runs as root, we must wait with "chown graphite" until we're done creating files/directories. * Drop needless check for root (uid 0) before running chown. --- nixos/modules/services/monitoring/graphite.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/nixos/modules/services/monitoring/graphite.nix b/nixos/modules/services/monitoring/graphite.nix index cb67b9d4fcbb..abdaf6ec2968 100644 --- a/nixos/modules/services/monitoring/graphite.nix +++ b/nixos/modules/services/monitoring/graphite.nix @@ -184,6 +184,7 @@ in { ExecStart = "${pkgs.twisted}/bin/twistd ${carbonOpts "carbon-cache"}"; User = "graphite"; Group = "graphite"; + PermissionsStartOnly = true; }; restartTriggers = [ pkgs.pythonPackages.carbon @@ -194,7 +195,7 @@ in { ]; preStart = '' mkdir -m 0700 -p ${cfg.dataDir}/whisper - if [ "$(id -u)" = 0 ]; then chown -R graphite:graphite ${cfg.dataDir}; fi + chown -R graphite:graphite ${cfg.dataDir} ''; }; @@ -235,6 +236,7 @@ in { description = "Graphite Web Interface"; wantedBy = [ "multi-user.target" ]; after = [ "network-interfaces.target" ]; + path = [ pkgs.perl ]; environment = { PYTHONPATH = "${pkgs.python27Packages.graphite_web}/lib/python2.7/site-packages"; DJANGO_SETTINGS_MODULE = "graphite.settings"; @@ -248,11 +250,11 @@ in { --call django.core.handlers.wsgi:WSGIHandler''; User = "graphite"; Group = "graphite"; + PermissionsStartOnly = true; }; preStart = '' if ! test -e ${dataDir}/db-created; then mkdir -m 0700 -p ${dataDir}/{whisper/,log/webapp/} - if [ "$(id -u)" = 0 ]; then chown -R graphite:graphite ${cfg.dataDir}; fi # populate database ${pkgs.python27Packages.graphite_web}/bin/manage-graphite.py syncdb --noinput @@ -261,6 +263,8 @@ in { ${pkgs.python27Packages.graphite_web}/bin/build-index.sh touch ${dataDir}/db-created + + chown -R graphite:graphite ${cfg.dataDir} fi ''; restartTriggers = [