How to create a mount configuration file for systemd in NixOS?

vivy · December 26, 2021, 10:18am

So the main problem I’m trying to solve is that every 5 seconds, docker health-check triggers unwanted log entries from systemd like

Dec 26 15:39:47 vivy systemd[1]: run-docker-runtime\x2drunc-moby-7bedfdc72f129af011664c1a65fe5c975f130354dac2c968dd254fd33000723d-runc.iHLI5U.mount: Deactivated successfully.

Googling leads to this issue https://github.com/systemd/systemd/issues/6432
TLDR: Systemd has no way of filtering, which is being requested. As a workaround, we can set LogLevelMax=0 for a prefix of the mount unit.

I believe this can be solved on a normal linux distro by doing as the comment Filter mechanism for logs in journald · Issue #6432 · systemd/systemd · GitHub specifies

In my case, I need to create a directory /etc/systemd/system/run-docker-.mount.d
and create a config file setting LogLevelMax=0 for all such mounts.

What’s the right way to do this?

M12 · December 26, 2021, 1:48pm

maybe something like this?

https://search.nixos.org/options?channel=21.11&show=systemd.mounts.*.mountConfig&from=0&size=50&sort=relevance&type=packages&query=systemd+mount+journald

vivy · December 26, 2021, 3:46pm

I added

    systemd.mounts = [{
      what = "run-docker-";
      where = "run/docker/";
      description = "Mount to disable docker spam";
      mountConfig = { 
        UnknownOption = "foo";
        LogLevelMax = 0;
      };  
    }];

This caused generation of “/etc/systemd/system/run-docker-.mount” with content

[root@vivy:~]# cat /etc/systemd/system/run-docker-.mount
[Unit]
Description=Mount to disable docker spam

[Mount]
LogLevelMax=0
UnknownOption=foo
What=run-docker-
Where=run/docker/

But, what I want is that the final effect must be creating a directory “/etc/systemd/system/run-docker-.mount.d” containing a file ending with “.conf” containing above content.

I see that there are multiple service.d directories

[root@vivy:~]# ls -ld /etc/systemd/system/*.service.d
dr-xr-xr-x 2 root root 4096 Jan  1  1970 /etc/systemd/system/autovt@.service.d
dr-xr-xr-x 2 root root 4096 Jan  1  1970 /etc/systemd/system/container-getty@.service.d
dr-xr-xr-x 2 root root 4096 Jan  1  1970 /etc/systemd/system/dbus.service.d
...

But I couldn’t find what caused the creation of this directory
on reading https://github.com/NixOS/nixpkgs/blob/fa5e153653a1b48e4a21a14b341e2e01835ba8b5/nixos/modules/services/system/dbus.nix
Q1: How is dbus.service.d directory containing an overrides.conf got generated?

Another solution is creating a custom systemd package, adding the mount.d directory with my own .conf file into the package itself. I believe this might be the cleanest way.
Q2: Is this the best way?

M12 · December 26, 2021, 10:08pm

the where option description states:

Absolute path of a directory of the mount point. Will be created if it doesn't exist. (Mandatory)

the what option description states:

Absolute path of device node, file or other resource. (Mandatory)

So an absolute path should begin with the root / I guess?

I did not try it myself yet…

vivy · December 28, 2021, 12:35pm

The goal here is just to create a template directory for all run-docker- units, and not define a real mount unit. The path “run/docker” is meaningless. I chose that because it results in a mount unit called run-docker-.mount, which is the closest I could get to a directory called “run-docker-.mount” inside /etc/systemd/system.

vivy · December 29, 2021, 6:17am

Following up on Q2, I’m using this config to fix systemd docker mount spam.

  systemd.packages = [(
    pkgs.writeTextFile {
      name = "systemd_unit_disable_docker_spam";
      text = ''
      [Mount]
      LogLevelMax=0
      '';
      destination = "/etc/systemd/system/run-docker-.mount.d/log.conf";
    })];

M12 · December 29, 2021, 2:19pm

Nice that you found a simple way to do what you wanted!

I see now, by trying on my own system, that the absolute path suggestion, does not accomplish the same, I am a little puzzled by that

Thanks!