[Nix-dev] Why nginx config isn't placed into /etc/nginx/nginx.conf?
zimbatm
zimbatm at zimbatm.com
Wed Aug 10 00:33:03 CEST 2016
Just put haproxy in front and then.. oh wait, what if the haproxy
configuration changes? :p
Since systemd already does socket activation it would be nice if it could
also start a new process before sending the SIGTERM to the old one. The old
process would the stop accepting new connection but have a delay to handle
the existing clients connection.
On Tue, 9 Aug 2016, 23:19 Layus, <layus.on at gmail.com> wrote:
> Would you mind expanding on these two reasons ?
>
> If I understand you well, the first is about using reload instead of
> restart.
> I guess it is useful for shorter downtimes, or even to avoid breaking
> existing connections, right ?
> This seems like a valid point to me. We could try to improve this.
>
> But I do not understand your second concern.
>
> Regards,
> -- Layus.
>
>
> On 09/08/16 19:06, Luca Bruno wrote:
>
> So, there are few drawbacks with the read-only nginx config as it is. Of
> course, you can at any time run the nginx with an /etc/nginx config that
> you write imperatively, by creating a brand new systemd service and
> disregarding the existing one. After all nginx is quite a simple service to
> run.
>
> Problems with the current approach:
> 1. Doesn't allow for nginx reload, because the file path changes hence
> nginx needs to be restarted.
> 2. If you are auto-updating the nginx config and reloading it
> automatically after e.g. Consul health checking you are in trouble.
>
> With /etc/nginx you give up nix rollbacks, but you can do it manually with
> git which is faster than a nixos-rebuild.
>
> So if you are going to run production stuff and maximize availability, I'd
> suggest to go for imperative /etc/nginx.
>
> That applies to most of fully declarative services in nixos.
>
> An alternative would be to still be kind of declarative by creating a
> static /etc/nginx path which symlinks to the read-only config. It all
> depends if nginx follows symlinks or not.
> If it works, it's worth changing the nixos systemd definition of nginx for
> all with this approach.
> Still you will have troubles with 3rd orchestration software auto-updating
> the nginx config file.
>
>
>
> _______________________________________________
> nix-dev mailing listnix-dev at lists.science.uu.nlhttp://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.science.uu.nl/pipermail/nix-dev/attachments/20160809/378562fe/attachment-0001.html>
More information about the nix-dev
mailing list