Re: Webservices and Shepherd

[ludo@gnu.org (Ludovic Courtès)]

Thomas Sigurdsen <thomas.sigurdsen@gmail.com> skribis:

> I will, over the coming week or so, begin setting up a server (for web pages,
> file sharing and hopefully email).
>
> Webservices: Is it preferred to put their "program files" in package
> definitions and telling shepherd how to run them in services?
>
> Are there any examples of a guixsd server config with multiple web services
> out there?

Did you look at “info "(guix)Web Services"”?
(<https://gnu.org/software/guix/manual/html_node/Web-Services.html> is
an older, less complete version of that.)

GuixSD has a service definition for nginx, which aims to make it easy to
deploy nginx.  A simple example can be seen in this test:

  https://git.savannah.gnu.org/cgit/guix.git/tree/gnu/tests/web.scm

For more complex nginx configuration, you can let it use a native nginx
config file instead of the Scheme config.

I haven’t tried complex web service config, but I think Chris Baines
Cc’d has and might be able to help.

> And when it comes to shepherd: I've seen a few configs where shepherd is
> running as a user in addition to root. It looks like this is a good way to
> separate webservices and similar, maybe even giving them separate users. But
> does it mean shepherd is running multiple instances, increasing overhead and
> difficulty of management (as in how do I know which shepherd I'm talking to
> and so on)?

For system services like nginx, the service definition can just tell the
Shepherd running as PID 1 to start the service under a separate UID.
For instance, nginx may run as the ‘nginx’ user.

Running shepherd as a user is only useful if you plan to have per-user
services.  For instance, I run privoxy and an mcron instance like this.

HTH!

Ludo’.