Bug#871553: systemd service doesn't honour /etc/default/varnish

Tue, 08 Aug 2017 23:43:05 -0700 

Source: varnish
Version: 5.0.0-7.1
Severity: normal
Tags: patch

Hello,

today I installed varnish on my production server and, while trying to
configure it, it inexplicably failed to follow the options given
in /etc/default/varnish.

I found out that the mentioned file is only honoured by /etc/init.d/varnish;
while /lib/systemd/system/varnish.service simply provides a (reasonable!) set
of defaults.

See the attached proposed patch. A couple of notes on that, though:

1) regarding VARNISH_STORAGE_FILE, in /etc/default/varnish it uses $INSTANCE,
which in turn is $(uname -n). I don't really know how to launch subscripts from
systemd service files, so I simply put "instance" there, please have a look
whether it's feasible or not.

2) always regarding the storage type, i.e. the "-s" switch of varnishd,
in /etc/default/varnish and varnish.service two different defaults are used.
Please settle on one (the former uses file, the latter uses malloc).

Have a nice day,
David

--- varnish.service.orig	2017-08-09 08:19:12.345040719 +0200
+++ varnish.service	2017-08-09 08:28:11.102476241 +0200
@@ -6,7 +6,18 @@
 Type=simple
 LimitNOFILE=131072
 LimitMEMLOCK=82000
-ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T 127.0.0.1:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m
+Environment=VARNISH_LISTEN_ADDRESS=
+Environment=VARNISH_LISTEN_PORT=6081
+Environment=VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1
+Environment=VARNISH_ADMIN_LISTEN_PORT=6082
+Environment=VARNISH_VCL_CONF=/etc/varnish/default.vcl
+Environment=VARNISH_SECRET_FILE=/etc/varnish/secret
+Environment=VARNISH_STORAGE_FILE=/var/lib/varnish/instance/varnish_storage.bin
+Environment=VARNISH_STORAGE_SIZE=1G
+Environment=VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}"
+Environment=VARNISH_TTL=120
+EnvironmentFile=-/etc/default/varnish
+ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a $VARNISH_LISTEN_ADDRESS:$VARNISH_LISTEN_PORT -T $VARNISH_ADMIN_LISTEN_ADDRESS:$VARNISH_ADMIN_LISTEN_PORT -f $VARNISH_VCL_CONF -S $VARNISH_SECRET_FILE -s $VARNISH_STORAGE
 ProtectSystem=full
 ProtectHome=true
 PrivateTmp=true

Attachment: pgp_g7rdshWtK.pgp
Description: Firma digitale OpenPGP

Reply via email to