From a87120c2fd537ca7ae92a2999984f16afebe5621 Mon Sep 17 00:00:00 2001 From: Vika Date: Fri, 21 Jul 2023 18:18:05 +0300 Subject: Allow socket-activation for Kittybox This complements passing sockets as FDs and graceful shutdown to allow for zero-downtime restarts. --- configuration.nix | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) (limited to 'configuration.nix') diff --git a/configuration.nix b/configuration.nix index 937b1c8..e86f4b7 100644 --- a/configuration.nix +++ b/configuration.nix @@ -121,6 +121,20 @@ in { message = "To use the Postgres backend, Kittybox has to be compiled with Postgres support enabled."; } ]; + systemd.sockets.kittybox = { + description = config.systemd.services.kittybox.description; + wantedBy = [ "sockets.target" ]; + + restartTriggers = [ cfg.bind cfg.port ]; + + socketConfig = { + ListenStream = lib.mkMerge [ + (lib.mkIf (cfg.bind == null) cfg.port) + (lib.mkIf (cfg.bind != null) "${cfg.bind}:${builtins.toString cfg.port}") + ]; + BindIPv6Only = true; + }; + }; systemd.services.kittybox = { description = "An IndieWeb-enabled blog engine"; @@ -136,7 +150,6 @@ in { ]; environment = { - SERVE_AT = "${cfg.bind}:${builtins.toString cfg.port}"; MICROSUB_ENDPOINT = cfg.microsubServer; WEBMENTION_ENDPOINT = cfg.webmentionEndpoint; BACKEND_URI = cfg.backendUri; @@ -152,9 +165,6 @@ in { export KITTYBOX_INTERNAL_TOKEN=$(${pkgs.coreutils}/bin/cat ${cfg.internalTokenFile}) fi ''} - if [[ ${cfg.cookieSecretFile} == /var/lib/kittybox/cookie_secret_key && ! -f /var/lib/kittybox/cookie_secret_key ]]; then - cat /dev/urandom | tr -Cd '[:alnum:]' | head -c 128 > /var/lib/kittybox/cookie_secret_key - fi exec ${cfg.package}/bin/kittybox ''; -- cgit 1.4.1