Hi,
Carlo Zancanaro <[email protected]> writes:
[...]
> Many services are fine. Particularly ones that don't require much/any
> configuration (like your "default configuration" examples). Particular
> services where I've had to venture outside of our supported options:
>
> - knot-service-type, using the includes option to add logging
> configuration
> - mumble, overwriting the whole thing to add default channel
> configuration
> - openssh-service-type, to limit the allowed set of algorithms for
> some
> things
> - dovecot-service-type, for metrics reporting via the "stats"
> service
>
> It's worth acknowledging that in all of these cases I have been able
> to
> configure the services the way I want. This is good! However, I feel
> bad
> about it. I feel like I'm doing things the wrong/unsupported way
> (which
> is related to the earlier "unusual" comment).
Anytime you feel something is off or missing, I'd encourage you to send
a patch exposing the needed option, or the escape hatch ("put your extra
fragment here") if it's missing.
[...]
> Many services have a way to check that a config file is valid (like
> doveconf, or nginx -t). I'm sure this there are services which lack
> this
> ability, but I wonder how much safety we can get by running these
> checks
> during the system build.
Note that the check may need to run on a complete system, may not offer
much insight when run in the containerized environment of a
derivation. I've seen that happen before, but can't remember which
service it was.
--
Thanks,
Maxim
