Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[21.05][PL-133327] nixos/platform: make connect-timeout configurable #1275

Closed
wants to merge 1 commit into from
Closed

[21.05][PL-133327] nixos/platform: make connect-timeout configurable #1275

wants to merge 1 commit into from

Conversation

Ma27
Copy link
Member

@Ma27 Ma27 commented Feb 6, 2025
edited
Loading

Note: this requires testing on a 21.05 machine.

PL-133327

On 21.05 we don't nix.settings yet, so a custom option it is. Same idea as in #1274.

@flyingcircusio/release-managers

Release process

PR release workflow (internal)

  • PR has internal ticket
  • internal issue ID (PL-…) part of branch name
  • internal issue ID mentioned in PR description text
  • ticket is on Platform agile board
  • ticket state set to Pull request ready
  • if ticket is more urgent than within the next few days, directly contact a member of the Platform team

Design notes

  • Provide a feature toggle if the change might need to be adjusted/reverted quickly depending on context. Consider whether the default should be on or off. Example: rate limiting.
    • The option nix.settings.connect-timeout is now used. This can overriden to any value with mkForce.
  • All customer-facing features and (NixOS) options need to be discoverable from documentation. Add or update relevant documentation such that hosted and guided customers can understand it as well.
    • New option with description got added.

Security implications

  • Security requirments defined? (WHERE)
    • Maintaining Availability: Being able to quickly change the timeout in case of any issues.
  • Security requirements tested? (EVIDENCE):
    • Activated on a test VM
    • Confirmed that overriding works via
{ lib, ... }: {
flyingcircus.nix.connectTimeout = lib.mkForce 23;
}

@Ma27
nixos/platform: make connect-timeout configurable
6e6bd86 
PL-133327

On 21.05 we don't `nix.settings` yet, so a custom option it is.
Same idea as in #1274.
@Ma27 Ma27 marked this pull request as ready for review February 6, 2025 10:34
@osnyx osnyx changed the title [21.05][PL-133327] WIP nixos/platform: make connect-timeout configurable [21.05][PL-133327] nixos/platform: make connect-timeout configurable Feb 13, 2025
osnyx
osnyx requested changes Feb 13, 2025
View reviewed changes
nixos/platform/default.nix
@@ -48,6 +48,14 @@ in {

options = with lib.types; {

flyingcircus.nix.connectTimeout = mkOption {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Inventing a new option here that won't exist in any future release will break the unattended update in maintenance path, as the configuration will then only be valid for one of the platform versions.
Why not explicitly backport the option name nix.settings.connect-timeout, that will then be handled by generator-backed settings in future NixOS versions?

@Ma27
Copy link
Member Author

Ma27 commented Feb 18, 2025

As discussed in PL-133327, we don't really need this anymore.

@Ma27 Ma27 closed this Feb 18, 2025
@Ma27 Ma27 deleted the PL-133327-connect-timeout-followup-21.05 branch February 18, 2025 09:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@osnyx osnyx osnyx requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Ma27 @osnyx