Re: [Nix-dev] [Fixed?] Re: environment in systemd services
On Sun, 31 Jan 2016 01:28:37 +0100 "Guillaume Maudoux (Layus)" wrote: > Yep. Most probably SSL_CERT_FILE. Look for that string on thé github > issues, or in the mailing list archives. Yep, it actually is the SSL_CERT_FILE, thanks! This service seems to do what it should (have to wait till tomorrow to check if my startAt is what I want): ``` systemd.services.duplyamazon = { path = [ pkgs.bash pkgs.duply pkgs.duplicity ]; serviceConfig = { User = "root"; WorkingDirectory = "/root"; }; environment = { SSL_CERT_FILE = "/etc/ssl/certs/ca-certificates.crt"; }; script = "duply amazon backup"; startAt = "*-*-* 2:10:00"; }; ``` (I could have found a similar question some days ago about duplicity where the cert file was the answer too. Oh, if I had read the mailinglist better…) - Arnold signature.asc Description: PGP signature ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] [Fixed?] Re: environment in systemd services
Yep. Most probably SSL_CERT_FILE. Look for that string on thé github issues, or in the mailing list archives. Layus. Le 30 janvier 2016 17:35:17 UTC+01:00, zimbatm a écrit : >My guess is that it's probably an environnent variable that's missing >and >bash is sourcing the profiles. > >On Sat, 30 Jan 2016 17:30 Arnold Krille wrote: > >> Hi all, >> >> I kind of fixed it. I played around with the duply config, but that >> didn't really change anything. >> >> Then I went back to getting fcron installed and sending emails. And >> there I encountered the same problem with the same backtrace with the >> empty error message! >> >> So there seems to be something different between the system >environment >> and roots login shell. So I started not `duply amazon status` but >`bash >> -l -c "duply amazon status"`, thus running duply in roots login >shell. >> And now it works! Both when run in cron and when run in its own >system >> service! >> >> I am not sure if this is the right solution, but at least I got some >> backups working now. >> >> As soon as I add backups to a local disk I will check again if duply >> can't run with the system environment… >> >> Have fun, >> >> Arnold >> >> On Sat, 30 Jan 2016 14:34:21 +0100 Arnold Krille > >> wrote: >> > Nope, the aws credentials are in the url given in the config file. >> > >> > I also tried setting serviceConfig with options privateTmp=false >and >> > privateNetwork=false but these options seem to be for a later >version >> > of systemd. I am on stock 15.09 here. >> > >> > - Arnold >> > >> > (Before anyone asks, the backup is encrypted and only the public >part >> > of the gpg key is present on the server.) >> > >> > On Sat, 30 Jan 2016 13:27:52 + zimbatm >> > wrote: >> > > Did you try to pass the AWS keypair trough an environment >> > > variable ? I don't know it that would fix it but it's a 3rd >> > > solution, not having access to the right keys. >> >> ___ >> nix-dev mailing list >> nix-dev@lists.science.uu.nl >> http://lists.science.uu.nl/mailman/listinfo/nix-dev >> > > > > >___ >nix-dev mailing list >nix-dev@lists.science.uu.nl >http://lists.science.uu.nl/mailman/listinfo/nix-dev ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] [Fixed?] Re: environment in systemd services
My guess is that it's probably an environnent variable that's missing and bash is sourcing the profiles. On Sat, 30 Jan 2016 17:30 Arnold Krille wrote: > Hi all, > > I kind of fixed it. I played around with the duply config, but that > didn't really change anything. > > Then I went back to getting fcron installed and sending emails. And > there I encountered the same problem with the same backtrace with the > empty error message! > > So there seems to be something different between the system environment > and roots login shell. So I started not `duply amazon status` but `bash > -l -c "duply amazon status"`, thus running duply in roots login shell. > And now it works! Both when run in cron and when run in its own system > service! > > I am not sure if this is the right solution, but at least I got some > backups working now. > > As soon as I add backups to a local disk I will check again if duply > can't run with the system environment… > > Have fun, > > Arnold > > On Sat, 30 Jan 2016 14:34:21 +0100 Arnold Krille > wrote: > > Nope, the aws credentials are in the url given in the config file. > > > > I also tried setting serviceConfig with options privateTmp=false and > > privateNetwork=false but these options seem to be for a later version > > of systemd. I am on stock 15.09 here. > > > > - Arnold > > > > (Before anyone asks, the backup is encrypted and only the public part > > of the gpg key is present on the server.) > > > > On Sat, 30 Jan 2016 13:27:52 + zimbatm > > wrote: > > > Did you try to pass the AWS keypair trough an environment > > > variable ? I don't know it that would fix it but it's a 3rd > > > solution, not having access to the right keys. > > ___ > nix-dev mailing list > nix-dev@lists.science.uu.nl > http://lists.science.uu.nl/mailman/listinfo/nix-dev > ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
[Nix-dev] [Fixed?] Re: environment in systemd services
Hi all, I kind of fixed it. I played around with the duply config, but that didn't really change anything. Then I went back to getting fcron installed and sending emails. And there I encountered the same problem with the same backtrace with the empty error message! So there seems to be something different between the system environment and roots login shell. So I started not `duply amazon status` but `bash -l -c "duply amazon status"`, thus running duply in roots login shell. And now it works! Both when run in cron and when run in its own system service! I am not sure if this is the right solution, but at least I got some backups working now. As soon as I add backups to a local disk I will check again if duply can't run with the system environment… Have fun, Arnold On Sat, 30 Jan 2016 14:34:21 +0100 Arnold Krille wrote: > Nope, the aws credentials are in the url given in the config file. > > I also tried setting serviceConfig with options privateTmp=false and > privateNetwork=false but these options seem to be for a later version > of systemd. I am on stock 15.09 here. > > - Arnold > > (Before anyone asks, the backup is encrypted and only the public part > of the gpg key is present on the server.) > > On Sat, 30 Jan 2016 13:27:52 + zimbatm > wrote: > > Did you try to pass the AWS keypair trough an environment > > variable ? I don't know it that would fix it but it's a 3rd > > solution, not having access to the right keys. signature.asc Description: PGP signature ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev