Dinit support

[MagicRB]

No description provided.

[pizzapim]

Have pushed some fixes I found so far here: https://github.com/pizzapim/NixNG/tree/dinit-support

[MagicRB]

I don't quite like that we cannot have multiple env files, maybe that can be patched into dinit?

[MagicRB]

Well, i patched it in, it compiles, ill test later

[MagicRB]

@pizzapim i merged your changes and added a multiple env-file patch to dinit

[MagicRB]

I rebased, though maybe i broke something

[pizzapim]

Two things I'm noticing now:

1. Apparently the chpst from busybox does not implement the -b flag, so those instances would have to be fixed if we swap to dinit
2. runit still seems to be used somewhere even if you enable dinit

[MagicRB]

1. Well most of the modules use the runit chpst i think, so that should be fine
2. See 1

We do have to make sure to eventually remove the call to chpst now that we have tmpfilesd, we can have the service manager to drop the priviledges

[pizzapim]

I mean, runit is still being added to environment.systemPackages in modules/environment.nix. I don't think this is necessary at all?

[MagicRB]

Oh yeah that's an oversight. The actual runit module should do that conditionally only, it really shouldn't be present always.

[pizzapim]

Also, seems like dumb-init has a hidden dependency on runit because it expects system.activation."runit" to be ran.

[aanderse]

FYI https://github.com/NixOS/nixpkgs/blob/master/pkgs/by-name/di/dinit/package.nix

useful even if just so that you don't need to do version bumps yourself

[MagicRB]

Thanks! I'll switch it after we switch to 24.11 for the nixpkgs base.

[aanderse]

i'm sure upstream would accept this... maybe i'll PR that to help out

[aanderse]

you run dinit with the -s flag so i believe this is not necessary - it is definitely possible to run dinit without having it handle shutdown though, patch not needed

[MagicRB]

Thing is we want it to do process reaping and properly waiting on services to come down, but not call the kernel to shutdown. So a yes and no situation

[aanderse]

yeah, i think that is what -s does...

 --system, -s                 run as the system service manager
 --system-mgr, -m             run as system manager (perform shutdown etc)

[MagicRB]

We've tested that itll try ro do shutdown without that patch and we do use -s so im a bit confused in regards to the docs

[aanderse]

in my experiments i ran an instance of dinit during stage1, shut it down, then launched a dinit again for stage2 and everything worked as i expected it to

from my perspective it worked as i am describing

[MagicRB]

Ok, ill retest during the weekend and finish this PR up. Thanks for input

[MagicRB]

@aanderse

[STOPPD] nginx
Sending TERM/KILL to all processes...
2024/12/13 15:20:25 [notice] 100#100: signal 15 (SIGTERM) received from 1, exiting
2024/12/13 15:20:25 [notice] 100#100: signal 17 (SIGCHLD) received from 101
2024/12/13 15:20:25 [notice] 100#100: worker process 101 exited with code 0
2024/12/13 15:20:25 [notice] 100#100: signal 29 (SIGIO) received
2024/12/13 15:20:25 [notice] 100#100: signal 17 (SIGCHLD) received from 102
2024/12/13 15:20:25 [notice] 100#100: worker process 102 exited with code 0
2024/12/13 15:20:25 [notice] 100#100: exit
Turning off swap...
/sbin/swapoff: No such file or directory
Unmounting disks...
/bin/umount: No such file or directory
Issuing shutdown via kernel...

that's what I get without the patch

[MagicRB]

Problem is we need this bit to execute https://github.com/davmac314/dinit/blob/master/src/shutdown.cc#L434 but not the shutdown, i.e. we need process reaping but not shutdown. Without the process reaping dinit exits immediately and then the container runtime will SIGKILL the rest of the processes.

[MagicRB]

Not having a : in the owner will throw a very non helpful error, index out of bounds.

[MagicRB]

I'm gonna merge this, it seems to be good enough and it being in a branch is making my life more difficult in my dotfiles repo.