NixOS module with daemon that only reads configuration from etc

tsj · May 21, 2023, 4:22am

I am writing a module around a daemon that is only able to read and write config and other files from /etc/opt/somedir. Every other module I have seen deals with a friendly binary that allows you to specify the location of the config file as an argument. What are my options in dealing with this? I imagine they are:

Let daemon have its way, make entries in environment.etc in the module definition for the various files
Try to patch the software to load a config file from elsewhere
Look into running the service in some kind of chroot jail

I don’t like #1 because NixOS modules don’t do this as far as I can tell, hypothetically I guess you might run multiple variants of the service with a different config file and the environment.etc approach would break that.

#2 is possible but not easy as it may require significant changes to the command line parser in the software

I don’t even know if #3 is possible.

Broad question, looking for any guidance or other approaches.

mjm · May 21, 2023, 5:10am

Is running the software in a container an option? You could bind mount some other directory on the host to be at /etc/opt/somedir in the container.

Guekka · May 21, 2023, 7:46am

If the daemon follows symlinks, you can symlink the directory to somewhere else

mkdir $userDir
ln -s $userDir /etc/opt/somedir

That’s the approach often taken with Laravel for example