nginx: Do not use spawn-fcgi for munin-graph #139
No reviewers
Labels
No labels
bug
duplicate
enhancement
help wanted
invalid
question
security
wontfix
No milestone
No project
No assignees
2 participants
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: evolix/ansible-roles#139
Loading…
Reference in a new issue
No description provided.
Delete branch "mtrossevin/ansible-roles:nginx-munin-no-spawn-fcgi"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
systemd provides already provides all the fonctionnalities of spawn-fcgi
with the exception of the possibility to spawn multiple process to a
single socket (it can be done using multiwatch though). So we might as
well use the fonctions provided by systemd instead of needing to install
a new package and add a layer of indirection in how the fastcgi service
is managed.
This make for a somewhat simpler service that can be started as an
unprivileged user.
@ -36,3 +41,3 @@
- name: Systemd unit for Munin-fcgi is started
systemd:
name: spawn-fcgi-munin-graph
name: fcgi-munin-graph.socket
Enabling only the socket mean that the service will be started on the first connexion on said socket instead of being started on boot. That increase the latency for the very first connexion (+ the first after a crash of the service) in exchange of not blocking boot until the service is started.
0b3a7cbc8f
to93084d6ce8
@ -0,0 +12,4 @@
StandardError=journal
[Install]
WantedBy=multi-user.target
This allow the service to be started on boot instead of waiting for the first connexion on the socket if wanted.
nginx: Do not use spawn-fcgi for munin-graphto WIP: nginx: Do not use spawn-fcgi for munin-graphWIP: nginx: Do not use spawn-fcgi for munin-graphto nginx: Do not use spawn-fcgi for munin-graphI temporarily enabled this change on selks-dev (units in /run/systemd/system instead of /etc and spawn-fcgi-munin-graph stopped but not disabled so it will completely rollback with a reboot).
That seems to work without any problem.
In fact it works without any problem with this exact service unit:
(mostly checked the sandboxing options to know what exactly it need access to in order to works normally)
@ -35,2 +38,4 @@
src: systemd/fcgi-munin-graph.service
dest: /etc/systemd/system/fcgi-munin-graph.service
- name: Systemd unit for Munin-fcgi is started
I guess we should change the name to
Systemd socket for Munin-fcgi is installed
to mention the socket instead of the service.Checkout
From your project repository, check out a new branch and test the changes.Merge
Merge the changes and update on Forgejo.