Fix fcron service to properly load the crontab on first startup, make it multi-instance aware, add tests

2021-04-03 15:45:12 +02:00 · 2021-04-03 15:45:12 +02:00 · 89dba90892
parent c130294a0a
commit 89dba90892
7 changed files with 96 additions and 9 deletions
--- a/example-deployments/services/processes.nix
+++ b/example-deployments/services/processes.nix
@ -127,7 +127,7 @@ rec {
    pkg = constructors.declarativeFcron {
      fcrontabPerUser = {
        systab = ''
-          @ 1 echo hello >> /tmp/hello
+          */1 * * * * echo hello >> /tmp/hello
        '';
      };
    };
--- a/services-agnostic/constructors.nix
+++ b/services-agnostic/constructors.nix
@ -74,7 +74,7 @@ in
  declarativeFcron = import ./fcron/declarative.nix {
    inherit createManagedProcess stateDir spoolDir runtimeDir tmpDir forceDisableUserChange;
-    inherit (pkgs) lib writeTextFile fcron;
+    inherit (pkgs) lib writeTextFile fcron utillinux;
  };
  hydra-evaluator = import ./hydra/hydra-evaluator.nix {
--- a/services-agnostic/fcron/declarative.nix
+++ b/services-agnostic/fcron/declarative.nix
@ -1,4 +1,4 @@
-{createManagedProcess, writeTextFile, lib, fcron, stateDir, runtimeDir, tmpDir, spoolDir, forceDisableUserChange}:
+{createManagedProcess, writeTextFile, lib, fcron, utillinux, stateDir, runtimeDir, tmpDir, spoolDir, forceDisableUserChange}:
 { instanceSuffix ? ""
 , instanceName ? "fcron${instanceSuffix}"
@ -8,14 +8,15 @@
 let
  fcronSpoolDir = "${spoolDir}/${instanceName}";
  fcronEtcDir = "${stateDir}/etc/${instanceName}";
 in
 import ./default.nix {
  inherit createManagedProcess writeTextFile lib fcron stateDir runtimeDir tmpDir spoolDir forceDisableUserChange;
 } {
  inherit instanceSuffix instanceName;
-  initialize = ''
+  initialize =
-    ${lib.concatMapStrings (user:
+    lib.concatMapStrings (user:
      let
        fcrontab = builtins.getAttr user fcrontabPerUser;
        fcrontabFile = writeTextFile {
@ -26,7 +27,9 @@ import ./default.nix {
      ''
        cp ${fcrontabFile} ${fcronSpoolDir}/${user}.orig
      ''
-    ) (builtins.attrNames fcrontabPerUser)}
+      + ''
-    ${initialize}
+        ${lib.optionalString (!forceDisableUserChange) "${utillinux}/bin/runuser -u root -g ${instanceName} --"} fcrontab -c ${fcronEtcDir}/fcron.conf -u systab -z
-  '';
+      ''
    ) (builtins.attrNames fcrontabPerUser)
    + initialize;
 }
--- a/services-agnostic/fcron/default.nix
+++ b/services-agnostic/fcron/default.nix
@ -20,6 +20,21 @@ let
  user = instanceName;
  group = instanceName;
  # We must override the package configuration settings to compile it with different configuration settings,
  # if we want to use a different group or run fcron as unprivileged user
  fcronPkg =
    if forceDisableUserChange then fcron.overrideAttrs (originalAttrs:
      originalAttrs // {
        configureFlags = originalAttrs.configureFlags ++ [ "--with-run-non-privileged" "--with-rootname=unprivileged" "--with-rootgroup=users" "--with-username=unprivileged" "--with-groupname=users" ];
      }
    )
    else if user != "fcron" || group != "fcron" then fcron.overrideAttrs (originalAttrs:
      originalAttrs // {
        configureFlags = originalAttrs.configureFlags ++ [ "--with-rootgroup=${group}" "--with-username=${user}" "--with-groupname=${group}" ];
      }
    )
    else fcron;
 in
 createManagedProcess {
  inherit instanceName;
@ -34,7 +49,8 @@ createManagedProcess {
    ${initialize}
  '';
-  process = "${fcron}/bin/fcron";
+  path = [ fcronPkg ];
  process = "${fcronPkg}/bin/fcron";
  args = [ "--configfile" "${fcronEtcDir}/fcron.conf" ];
  foregroundProcessExtraArgs = [ "--foreground" "--nosyslog" ];
  daemonExtraArgs = [ "--background" ];
--- a/tests/default.nix
+++ b/tests/default.nix
@ -27,6 +27,10 @@ in
    inherit pkgs processManagers profiles testService;
  };
  fcron = import ./fcron {
    inherit pkgs processManagers profiles testService;
  };
  influxdb = import ./influxdb {
    inherit pkgs processManagers profiles testService;
  };
--- a/tests/fcron/default.nix
+++ b/tests/fcron/default.nix
@ -0,0 +1,24 @@
 { pkgs, testService, processManagers, profiles }:
 testService {
  exprFile = ./processes.nix;
  readiness = {instanceName, instance, ...}:
    ''
    '';
  tests = {instanceName, instance, ...}:
    ''
      machine.succeed("sleep 70")
    ''
    +
    (if instanceName == "fcron" then ''
      machine.succeed("grep 'hello' /tmp/hello")
    ''
    else if instanceName == "fcron-secondary" then ''
      machine.succeed("grep 'bye' /tmp/bye")
    ''
    else "");
  inherit processManagers profiles;
 }
--- a/tests/fcron/processes.nix
+++ b/tests/fcron/processes.nix
@ -0,0 +1,40 @@
 { pkgs ? import <nixpkgs> { inherit system; }
 , system ? builtins.currentSystem
 , stateDir ? "/var"
 , runtimeDir ? "${stateDir}/run"
 , logDir ? "${stateDir}/log"
 , spoolDir ? "${stateDir}/spool"
 , cacheDir ? "${stateDir}/cache"
 , libDir ? "${stateDir}/lib"
 , tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
 , forceDisableUserChange ? false
 , processManager
 }:
 let
  constructors = import ../../services-agnostic/constructors.nix {
    inherit pkgs stateDir runtimeDir logDir tmpDir cacheDir libDir spoolDir forceDisableUserChange processManager;
  };
 in
 rec {
  fcron = {
    pkg = constructors.declarativeFcron {
      fcrontabPerUser = {
        systab = ''
          */1 * * * * echo hello >> /tmp/hello
        '';
      };
    };
  };
  fcron-secondary = {
    pkg = constructors.declarativeFcron {
      instanceSuffix = "-secondary";
      fcrontabPerUser = {
        systab = ''
          */1 * * * * echo bye >> /tmp/bye
        '';
      };
    };
  };
 }