unofficial mirror of guix-devel@gnu.org 
 help / color / mirror / code / Atom feed
* How to invoke shepherd action from shepherd action?
@ 2024-07-05 15:24 Tomas Volf
  2024-07-11  9:55 ` Ludovic Courtès
  0 siblings, 1 reply; 2+ messages in thread
From: Tomas Volf @ 2024-07-05 15:24 UTC (permalink / raw)
  To: guix-devel

[-- Attachment #1: Type: text/plain, Size: 2982 bytes --]

Hello,

I am currently in the process of writing a new service, and I have run into bit
of a wall.  I need to invoke shepherd action after my one-shot service finishes.

The code (relevant bits) for my service is pretty simple:

(define (acme-client-shepherd-services config)
  (let* ((config-file (serialize-acme-client-configuration config))
         (package (acme-client-configuration-package config))
         (reload-hook (acme-client-configuration-reload-hook config))
         (requirement (acme-client-configuration-requirement config))
         (handles (map acme-client-domain-handle
                       (acme-client-configuration-domains config))))
    (list
     (shepherd-service
      (provision '(acme-client-initial))
      (requirement requirement)
      (documentation "Invoke right away to provision certificates immediately.")
      (one-shot? #t)
      (start #~(lambda _
                 (let* ((renew-cert #$(renew-cert config))
                        (renew-res
                         (map
                          (lambda (handle)
                            (or (renew-cert handle)
                                (begin (sleep 15)
                                       (renew-cert handle))
                                (begin (sleep 15)
                                       (renew-cert handle))))
                          '#$handles)))
                   (when (memq 'change (pk renew-res))
                     (pk (#$reload-hook)))
                   ((@ (srfi srfi-1) every) identity renew-res))))
      (actions (list (shepherd-configuration-action config-file)))))))

Now the problem is with the `reload-hook'.  I tried two approaches (the
following is a snippet from define-configuration/no-serialization for
acme-client-configuration):

1. with-shepherd-action

  (reload-hook
   (gexp (with-imported-modules '((gnu services herd))
           #~(begin
               ((@ (gnu services herd) with-shepherd-action)
                'nginx ('reload) result result))))
   "Hook to invoke after certificate change.  The default is to reload nginx.")

This just hangs the shepherd for ever.  Even `herd status' no longer works.
Only recovery I found was hard reboot.

2. invoke

  (reload-hook
   (gexp (with-imported-modules '((guix build utils))
           #~((@ (guix build utils) invoke)
              ;; There probably is more elegant way to get the current shepherd.
              #$(file-append (shepherd-configuration-shepherd
                              (shepherd-configuration))
                             "/bin/herd") "reload" "nginx")))

This does work, but the round-trip via separate binary (and the way to figure it
out) is hardly elegant.

Could someone advice me on how the typical pattern for this should look?
Preferably while staying inside Guile (so no invoke).

Thanks and have a nice day,
Tomas Volf

--
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: How to invoke shepherd action from shepherd action?
  2024-07-05 15:24 How to invoke shepherd action from shepherd action? Tomas Volf
@ 2024-07-11  9:55 ` Ludovic Courtès
  0 siblings, 0 replies; 2+ messages in thread
From: Ludovic Courtès @ 2024-07-11  9:55 UTC (permalink / raw)
  To: guix-devel

Hi,

Tomas Volf <~@wolfsden.cz> skribis:

> I am currently in the process of writing a new service, and I have run into bit
> of a wall.  I need to invoke shepherd action after my one-shot service finishes.
>
> The code (relevant bits) for my service is pretty simple:
>
> (define (acme-client-shepherd-services config)
>   (let* ((config-file (serialize-acme-client-configuration config))
>          (package (acme-client-configuration-package config))
>          (reload-hook (acme-client-configuration-reload-hook config))
>          (requirement (acme-client-configuration-requirement config))
>          (handles (map acme-client-domain-handle
>                        (acme-client-configuration-domains config))))
>     (list
>      (shepherd-service
>       (provision '(acme-client-initial))
>       (requirement requirement)
>       (documentation "Invoke right away to provision certificates immediately.")
>       (one-shot? #t)
>       (start #~(lambda _
>                  (let* ((renew-cert #$(renew-cert config))
>                         (renew-res
>                          (map
>                           (lambda (handle)
>                             (or (renew-cert handle)
>                                 (begin (sleep 15)
>                                        (renew-cert handle))
>                                 (begin (sleep 15)
>                                        (renew-cert handle))))
>                           '#$handles)))
>                    (when (memq 'change (pk renew-res))
>                      (pk (#$reload-hook)))
>                    ((@ (srfi srfi-1) every) identity renew-res))))
>       (actions (list (shepherd-configuration-action config-file)))))))
>
> Now the problem is with the `reload-hook'.  I tried two approaches (the
> following is a snippet from define-configuration/no-serialization for
> acme-client-configuration):
>
> 1. with-shepherd-action
>
>   (reload-hook
>    (gexp (with-imported-modules '((gnu services herd))
>            #~(begin
>                ((@ (gnu services herd) with-shepherd-action)
>                 'nginx ('reload) result result))))
>    "Hook to invoke after certificate change.  The default is to reload nginx.")
>
> This just hangs the shepherd for ever.  Even `herd status' no longer works.
> Only recovery I found was hard reboot.

You have to always keep in mind where code is running.  ‘start’, ‘stop’,
and actions are running within the shepherd, in PID 1.

Conversely, the (gnu services herd) module provides utilities to
*connect* to a running shepherd *as a client* (a separate process), very
much like what the ‘herd’ command does.

From shepherd itself, you probably don’t want to connect to shepherd to
perform actions.  Instead, you can use the Shepherd’s API:

  https://www.gnu.org/software/shepherd/manual/html_node/Services.html

In this case, perhaps you’ll want to call ‘perform-service-action’.

(Aside: why did your attempt hang?  While overkill, it should be fine to
connect to shepherd from within shepherd, right?  The problem here is
that ‘with-shepherd-action’ creates a socket *without* O_NONBLOCK.
Thus, the entire shepherd process is blocked when trying to read from
that socket.)

I hope this helps!  Let me know if you think of ways to improve
documentation in this area.

Ludo’.


^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2024-07-11  9:56 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-07-05 15:24 How to invoke shepherd action from shepherd action? Tomas Volf
2024-07-11  9:55 ` Ludovic Courtès

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).