From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:8:6d80::]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id iNQMCtkPdmBnsQAAgWs5BA (envelope-from ) for ; Tue, 13 Apr 2021 23:40:41 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id cPrXA9kPdmApRwAAbx9fmQ (envelope-from ) for ; Tue, 13 Apr 2021 21:40:41 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 426BB22CBC for ; Tue, 13 Apr 2021 23:40:40 +0200 (CEST) Received: from localhost ([::1]:60366 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lWQlx-0005TK-VN for larch@yhetil.org; Tue, 13 Apr 2021 17:40:37 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:46920) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lWPzZ-0004qL-2G for help-guix@gnu.org; Tue, 13 Apr 2021 16:50:38 -0400 Received: from libre.brussels ([2a01:4f8:201:1044::1]:58648) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lWPzQ-0002jX-Tn for help-guix@gnu.org; Tue, 13 Apr 2021 16:50:36 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=libre.brussels; s=mail; t=1618347022; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Ib+Wp3UB0pZriyFeapdPvXMmOa//WSZEYCV5T0U4Cp4=; b=DSkg2pFt1RKGcvc2EPmHE0MABJKs9INM8aQuDRnPuxnH5xd24iZorZUTYK2PPSqKOW7+2+ A+ARX0eMIz+n5KyrfEhGYPDLqtR2jH5RrI6IZ5G/nIOFlVwFuJgIcqk6DoYkxNcTx2GIB/ nD0tas2DQfRPJTR6U2Ueksf5OrZYTAw= References: <87r1jgsjme.fsf@rdklein.fr> <87lf9mosf4.fsf@rdklein.fr> From: Jonathan McHugh To: help-guix@gnu.org Subject: Re: Environment of a shepherd service In-reply-to: <87lf9mosf4.fsf@rdklein.fr> Date: Tue, 13 Apr 2021 22:47:58 +0200 Message-ID: <87k0p5lxmp.fsf@libre.brussels> MIME-Version: 1.0 Content-Type: text/plain Received-SPF: pass client-ip=2a01:4f8:201:1044::1; envelope-from=indieterminacy@libre.brussels; helo=libre.brussels X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Mailman-Approved-At: Tue, 13 Apr 2021 17:39:49 -0400 X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: "Help-Guix" X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1618350040; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=Ib+Wp3UB0pZriyFeapdPvXMmOa//WSZEYCV5T0U4Cp4=; b=u+SknWF7yicv/cirKZjlXubXBvT+tBLPIvA1iIG5YS0d2HKbAJ98YjKDHVbbs6kVGcsNx6 9TdacHoRHTASutqf8b78Cj+hg0UkdAKvkOWR1Y+aXQREPjj301MiOeFMRDsS85WEp2BSh8 wjKI9ef1T3ciC6T3t5Z8BJLv1ATZsvDdTPGk2T6GywunkXp8PQgplS3jnIJg6D3ps6Xma1 rTdZpn8AQcaQbGI78rFTnUZ6hO8Ro6bAVSnxJM6P7bUFKUMeTx+oNUqv6N5rJWM2vd+p74 EMl2xoavOOfpvswDC/Z7denK+08Bgnq6iUbarsjdXYJbTHfbsLMtt4ArHqgV7g== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1618350040; a=rsa-sha256; cv=none; b=IcRYD0hIRXUhNfXVlivSBy/+AhELzhPXG4XbnSTfPl1eIE36edCtJXfpTSNEyBOltBXAdR XVOZJdOBIMS/KNs0s7pJj+PJ+X5kB6P8xeAeG6QGO3nS1+9LldkSULrS1z/PnxkMkYrq3N qf1ne38C7yrLy/VBHzC55akre2rbuIF9etF+/PnCkMOfm3EIzyeM0pfBYa9HwGFuT1bAPS Ym6Cn0TquDb8PyTMp6X2uNJT+WBVZZNWolKPqgHBKK5UppRCJNwZzM25FvUV3Xknp265Ur /okaF6TFe1Y/lS/3mENhzorDoW00IyfOtKvI0IkVpT9JLsUXHJlbasG6yZDCYA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=libre.brussels header.s=mail header.b=DSkg2pFt; spf=pass (aspmx1.migadu.com: domain of help-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=help-guix-bounces@gnu.org X-Migadu-Spam-Score: 0.16 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=libre.brussels header.s=mail header.b=DSkg2pFt; dmarc=fail reason="SPF not aligned (relaxed)" header.from=libre.brussels (policy=none); spf=pass (aspmx1.migadu.com: domain of help-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=help-guix-bounces@gnu.org X-Migadu-Queue-Id: 426BB22CBC X-Spam-Score: 0.16 X-Migadu-Scanner: scn0.migadu.com X-TUID: IZoTtgXEa5TB Did you read this blog post?: https://guix.gnu.org/en/blog/2020/gnu-shepherd-user-services/ ====== START ======== The GNU Shepherd manual suggests putting all the services inside a monolithic init.scm file, located by default at $XDG_CONFIG_DIR/shepherd/init.scm. While this does make it easy to keep everything in one place, it does create one glaring issue: any changes to the file mean that all the services need to be stopped and restarted in order for any changes to take place. Luckily there's a nice function called scandir hiding in ice-9 ftw which returns a list of all files in a specified directory (with options for narrowing down the list or sorting it). This means that our init.scm can contain a minimum of code and all actual services can be loaded from individual files. First the minimal init.scm: (use-modules (shepherd service) ((ice-9 ftw) #:select (scandir))) ;; Load all the files in the directory 'init.d' with a suffix '.scm'. (for-each (lambda (file) (load (string-append "init.d/" file))) (scandir (string-append (dirname (current-filename)) "/init.d") (lambda (file) (string-suffix? ".scm" file)))) ;; Send shepherd into the background (action 'shepherd 'daemonize) Let's take a sample service for running syncthing, as defined in $XDG_CONFIG_DIR/shepherd/init.d/syncthing.scm: (define syncthing (make #:provides '(syncthing) #:docstring "Run `syncthing' without calling the browser" #:start (make-forkexec-constructor '("syncthing" "-no-browser") #:log-file (string-append (getenv "HOME") "/log/syncthing.log")) #:stop (make-kill-destructor) #:respawn? #t)) (register-services syncthing) (start syncthing) As with any other shepherd service it is defined and registered, and in this case it will start automatically. When the file is loaded by shepherd after being discovered by scandir everything works exactly as though the service definition were located directly inside the init.scm. ======== END ======= HTH Edouard Klein writes: > Hi, > > So I looked at the source and I understand that there's no way around > having only PATH=/run/current-system/profile/bin as the sole environment > of a service (which makes me wonder how anyone is running any service in > GuixSD, don't you need any env variables ?). > > I tried to define a trivial package that would use wrap-program to > create a script that would set the environment variables to all the > search-paths of my requisomatic package, but I don't know how to access > those ! > > In the code that is executed by the daemon, all references to the > package are lost, it is not in the same strata as the package. > > I can get the store path to the package but that does not help me. > > I really could use some guidance here. > > Cheers, > > Edouard. > edk@beaver-labs.com writes: > >> Dear fellow Guixers, >> >> I'm trying to create an operating system declaration, so that I can run >> a piece of software of mine in a container with =guix system container=. >> >> I wrote a package for the software. The package works: the tests pass >> and when the package is installed I can run the software. >> >> I wrote a shepherd service for the software (it's called requisomatic). >> I copied the relevant part at the end of the email. >> >> When I run the container script created by =guix system container=, and >> get a shell in the container, I can run the software (I added the software's >> package to the globally installed packages in the operating-system definition). >> >> But, when I try to run it with shepherd, it fails because it can't find >> flask (a dependency of the software, which I've put as a >> propagated-input, and is indeed installed in the container). >> >> I replaced the software invocation in the shepherd service with just >> "env", and saw that the whole env in the service is: >> >> PATH=/run/current-system/profile/bin >> >> whereas in the shell I get when I connect to the container, the env >> contains many other variables, including a correctly set PYTHONPATH, >> which allows the finding of flask. >> >> So I now know why my software is not starting, but my question is: >> >> Why is the PYTHONPATH (and the other env vars, for that matter) not >> propagated from the package to the shepherd service by default ? And how >> can I make it so ? I would have expected the shepherd service to run >> with the global profile active. >> >> Follow up question, can shepherd services be specified to run in a >> specific profile ? So that I can have two services with incompatible >> dependencies running at the same time in the same operating-system ? >> >> Thanks in advance, >> >> Cheers, >> >> Edouard. >> >> >> >> -----extract from my operating-system declaration file------- >> (define requisomatic-shepherd-service >> (match-lambda >> (($ user group db-file) >> (list (shepherd-service >> (provision '(requisomatic)) >> (requirement '(user-processes networking)) >> (documentation "Run the requisomatic server") >> (start #~((make-forkexec-constructor >> ;; (append >> ;; (if db-file >> ;; `("env" >> ;; ,(string-append "REQUISOMATIC_DB_FILE=" db-file)) >> ;; '()) >> '("gunicorn" "requisomatic:app") >> ;; '("env") >> ;;) >> #:directory (string-append #$requisomatic "/bin/requisomatic/") >> #:log-file "/var/log/requisomatic.log"))) >> (stop #~(make-kill-destructor))))))) -- Jonathan McHugh indieterminacy@libre.brussels