If you are using git anyhow to generate the diff, could you please fork GitHub - adrelanos/proposals: https://phabricator.whonix.org/T635 | https://phabricator.whonix.org/T634 and commit? That would make the diff a lot easier to apply and read for me.
From your diff…
I think I agree for the most part.
+include /home/.config/server-config.d/*.conf
Looks like a user name is missing. There is no user .config
.
Do you mean it would automatically interpreted as from
- …
/home/.config/server-config.d/*.conf
- to
/home/user1/.config/server-config.d/*.conf
- to
/home/user2/.config/server-config.d/*.conf
- etc.? (Depending on the user under which the application is running?)
include
vs home folder is not obvious yet in the draft? Perhaps the config should contain a variable
$HOME` or so? And only be adhered by applications running as user such as unMessage? And ignored by applications run by the init system (such a web servers)?
! In T635#12783, @dau wrote:
As we discussed in 0, I am updating the draft.
Thanks!
Based on Tomas Pospisek’s posts 1 and 2, I made the following changes (it’s attached).
Following your reply 3 to Marco d’Itri’s post 4, I agree and think he did not fully understand our intentions, so I did not take that into consideration.
Ok.
From my understanding, Tomas Pospisek would like to have additional configuration include
s explicit and manually added to the main file so that it is clear what is supposed to happen instead of thinking “apparently placing customizations in /home/.config/server-config.d/
just work”. I do not fully agree as I am usually in favor of “convention over configuration” and either just adding configurations to some of the server-config.d
dirs or customizing main.config
still require you “to have a priory knowledge” (you need to know what you are doing and what files to change), but I do like the solution he presented by using include
, which makes the file a lot “cleaner”.
Ok.
From your reply 5 to his post:
Would you suggest just a single file /etc/server/main.config?
Or should there be also:
- /usr/lib/server/main.config
- /etc/server/main.config
- /home/.config/server/main.config
From my current self, my question was a bit pointless. Of course only /etc/server/main.config
and not /usr/lib/server/main.config
etc. No need to make it overly complex.
I think that by naming that file main
, he intended to have just a single file so that not much knowledge is required (otherwise you would have know about not only all the .config
files, but also the .conf
ones).
Yes.
Also, from his comments in 2 it would be a good idea to use multiple .config
files and multiple .d
subdirs for complex configs, but I do think it is the case here.
Yes.
I agree with that but one problem that we might face is having that single .config
file “restored” from the template when using Qubes. What do you think? Maybe having a directory in main.config
that is not restored solves that? (i.e., all customizations should be in that dir)
Not sure I understand. I guess you are referring to Qubes template implementation (and Qubes bind-dirs and such)? Yes, indeed! How could I forget about this.
So let’s sneak into the proposal…?
include /usr/local/etc/server-config.d/*.conf
/usr/local
is persistent in Qubes TemplateBasedVMs. Then users would not have to modify their template, but could for example also persistently change settings in their TemplateBased AppVMs.
Should main.config file[s] only contain include
statements and
comments and nothing else?
I am pasting /etc/logrotate.conf
below, which contains more than include
statements. I think that there is no need for that as this convention is very clear about what the related .conf
files should be and their contents are consistent to each other. I do like that the other content in /etc/logrotate.conf
is consistent to the content of the other files in /etc/logrotate.d/
.
# see "man logrotate" for details
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# uncomment this if you want your log files compressed
#compress
# packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp, or btmp -- we'll rotate them here
/var/log/wtmp {
missingok
monthly
create 0664 root utmp
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0660 root utmp
rotate 1
}
# system-specific logs may be configured here
I like that.
This new approach would not change the way the .conf
files work when dealing with configurations from the previous files, right? If it is needed, they are able to to ignore the previous statements with, for example, listen_ip=
.
Yes.
I am saying that because it looks like now main.config
is allowed to change and just having include
statements suggests that prefixing them with #
is enough to ignore.
Yes.
That could work for non-Qubes systems, but as I mentioned above having main.config
restored can be a problem.
Yes. Let’s see if you like my suggestion to cover this using /usr/local/etc/server-config.d/*.conf
as mentioned above.