nixos/systemd: add StartLimitIntervalSec to unit config #50849
Conversation
| @@ -210,6 +210,16 @@ in rec { | |||
| ''; | |||
| }; | |||
|
|
|||
| startLimitIntervalSec = mkOption { | |||
| default = 0; | |||
There was a problem hiding this comment.
Probably shouldn't have a default.
There was a problem hiding this comment.
I'm not sure I understand. When default is set as it is here, the attribute is not written out to the systemd unit file. Why it isn't written isn't quite clear to me.
If I remove the default = 0; line, I get The option systemd.services.audit.startLimitIntervalSec' is used but not defined.` for all services.
GrahamcOfBorg
added
6.topic: nixos
| @@ -219,7 +219,9 @@ let | |||
| // optionalAttrs (config.documentation != []) { | |||
| Documentation = toString config.documentation; } | |||
| // optionalAttrs (config.onFailure != []) { | |||
| OnFailure = toString config.onFailure; | |||
| OnFailure = toString config.onFailure; } | |||
| // optionalAttrs (config.startLimitIntervalSec != []) { | |||
There was a problem hiding this comment.
Remove the default, add an options argument at line 196, then change this here to options.startLimitIntervalSec.isDefined
There was a problem hiding this comment.
Thanks! It looks like the comparisons at
nixpkgs/nixos/modules/system/boot/systemd.nix
Line 199 in 04b4ca3
There was a problem hiding this comment.
I'm actually not sure now what would be better
| Property | Comparing with default | Using isDefined |
Importance (subjective) |
|---|---|---|---|
| Defining as default doesn't trigger generation | Yes | No | 2 |
| Is usually done | Yes | No | 5 |
| Can use value without having set it (getting an empty list makes sense and is useful) | Yes | No | 10 |
| No need to duplicate upstream defaults | No | Yes | 10 |
| Reflects the fact that set values have an influence, unset ones don't | No | Yes | 3 |
Both have advantages and disadvantages. Assigning some subjective importances to these properties, it's 17 vs. 13. The fact that we don't need to duplicate upstream defaults is a pretty good seller for me, but this also means we can't use these config values without having set them, which can be very useful.
After this consideration, I think it would be better to compare everything with the default value instead, so you could change it back again to the original way and use the upstream default is the options default. Now maybe other people have different opinions, but this is mine :)
There was a problem hiding this comment.
@grahamc Could we get your opinion?
@infinisil You seem to suggest that "Defining as default doesn't trigger generation" is a good thing - I would say the opposite. If I explicitly and concretely specify a parameter (eg 0), I would want it written to the config file even if it matches the default. Without the intermediate nix layer, I would have explicitly written it to the config myself.
If I explicitly and abstractly specify the parameter as default, I don't have a strong opinion on if it should be written to the config. I could go either way.
I guess that's a major part of Nix that perhaps needs more documentation. It aims to be the configuration of all configurations, a superset of all others, and we should be consistent on how we handle different styles of configuration.
Could you elaborate on your thinking when you say "Can use value without having set it (getting an empty list makes sense and is useful)" - While getting an empty list makes sense, I don't see how it's useful if nothing is written out. I guess you mean that you can use the variable the same way whether or not it was specified instead of conditioning on isDefined?
cyounkins
force-pushed
the
startlimitinterval
branch
from
d64d3ca to
ef54417
Compare
|
(triage) @infinisil is PR good to go now? |
|
(triage) @grahamc could you chime in? |
|
Actually, why do we need this option at all? Users can just set |
|
@infinisil can you elaborate? I see two references to This commit also adds the documentation in line with all the other unit configuration options. |
|
Only thing left to do is squash the commits into one. The |
|
You can squash in the GitHub UI right? Or do you need me to squash them? |
|
I prefer the PR owners to do the squash. This keeps potential signatures intact, makes the PR have the same commit hash as the merged commit, and it lets the PR author write a suitable combined commit message. |
cyounkins
force-pushed
the
startlimitinterval
branch
from
ef54417 to
6f6287f
Compare
|
@infinisil Done! |
Janik-Haag
added
the
12. first-time contribution
|
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/module-with-a-systemd-service-option/50421/1 |
Motivation for this change
Adds the new attribute to configure unit start rate limiting.
Documentation: https://www.freedesktop.org/software/systemd/man/systemd.unit.html
Ref #45785
Things done
sandboxinnix.confon non-NixOS)nix-shell -p nox --run "nox-review wip"./result/bin/)nix path-info -Sbefore and after)