unit icon indicating copy to clipboard operation
unit copied to clipboard
verified publisher icon nginx

RPM package: /etc/unit isn't used

Open sycured opened this issue 3 years ago • 3 comments

Hello, I'm building a custom unit container to serve static files.

Container base image: redhat/ubi9-init Unit rpm package: unit-1.27.0-1.el9.ngx.x86_64

Also tried inside an RHEL 9 VM: the same issue

My config.json:

{
  "listeners": {
    "*:8000": {
      "pass": "routes"
    }
  },

  "routes": [
    {
      "action": {
        "share": "/var/www$uri"
      }
    }
  ]
}

Steps used: 0. activate unit (same as your documentation): systemctl enable unit

  1. create /var/www: mkdir -p /var/www
  2. fix permissions: chown unit:unit /var/www
  3. add my static files in /var/www (in my case it's a special service running every 30 minutes with user unit that download new assets to serve from this container)
  4. add my config.json in /etc/unit/
  5. starting the container: my config file isn't automatically loaded

It's a breaking change from the logical way how service (like Nginx, consul, nomad & co) works, and nothing inside the documentation reference this folder.

What's the best practice to use this folder? Do I need to create a service file to run a script like your docker-entrypoint but loading from /etc/unit?

sycured avatar Jun 17 '22 02:06 sycured

We are not making use of /etc/.

UNIT should be initially configured using our control API. This method provides checks of the configuration syntax and makes sure the configuration is consistent.

However Unit keeps the configuration in a state directory. Use unitd --version to see the path of the state directory.

You can place an initial configuration named config.json in this directory. This configuration file will be used on startup to initialize the configuration.

http://unit.nginx.org/howto/source/#configuring-sources

Unit’s state includes sensitive data and must be owned by root with 700 permissions. Avoid updating the directory by outside means; instead, use Unit’s config API to ensure data consistency.

tippexs avatar Jun 17 '22 13:06 tippexs

Indeed, I think the fact that we ship /etc/unit is merely a leftover from the times we initially shipped the packaging without fully understanding the layout unit prefers.

I think the best way is to just drop it from the packaging system so it wont confuse users. I'll prepare some patches for that.

thresheek avatar Jun 17 '22 14:06 thresheek

Thanks @thresheek 👍🏼👍🏼

tippexs avatar Jun 17 '22 14:06 tippexs