From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id D219C159C96 for ; Mon, 29 Jul 2024 21:52:52 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 53B0C2BC0BF; Mon, 29 Jul 2024 21:52:48 +0000 (UTC) Received: from mail-lj1-x230.google.com (mail-lj1-x230.google.com [IPv6:2a00:1450:4864:20::230]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 15EE7E2A33 for ; Mon, 29 Jul 2024 21:52:47 +0000 (UTC) Received: by mail-lj1-x230.google.com with SMTP id 38308e7fff4ca-2f01e9f53e3so59099661fa.1 for ; Mon, 29 Jul 2024 14:52:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722289966; x=1722894766; darn=lists.gentoo.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=S5ypI0VkEkm90XC43opB+IWBRSTWU7sDTQFlpQ44p7Y=; b=kRyDn0LpSdd7fv57wGyILPoT8RUvN6jfvEgLl4TcdsurLRgtuTNivfsFMVV5D9o4L9 Xn7n0FmAQj8Tc8U8ymDqukw8oQbAyUkSl9z8k1616wCcBquBj7PolR0SaQot45/OIR/+ ahL3OujzJs6Ho2MkPvD+XtiJLZnmg2Hgeo1v9fzadJuyVXO50y5DWkqjkcyQoM8lB4Va Z1KdbTuqtnuouhItKPrPt3UqyP3XtG86SVoce4mHQ4tJeugArtk/Aw79SyE8ozrZLYCq fFat4rZ0gsuEji/ymptmgKayLtshUd9GW3UhlecxASC+QPMOVjQ8ML7Or5aofxAXh57F KZ9g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722289966; x=1722894766; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=S5ypI0VkEkm90XC43opB+IWBRSTWU7sDTQFlpQ44p7Y=; b=URKYCY8mMtNtSLkE8TpTO3jYz9iFLFItzAA59UKvL5vbVVWC2xBMUCin+Mkz1aBo7h 8EtrfGEGKRq6Ev3EP9GD3LX7Ubb0JMEtqUvsLeIBmDNctY63P+pr4SDUE/mLbd28DdZZ oXS3L2W4H/wJsZVMzHEt9HdOiK+wkvcA9cecv91liongkW8C/u2mmWqXqwp/twhteaT8 /hiY8P52zrBshWsz1JooiroG5UO0jTbk2R+AgFxjtFHvi8kPp/nyc/0lPCJzx04EgcfS RIzvCtTUv2+cB8kzWJR+mkzy0PRsS4zbVuUFWyXV2gdylfigMoKrWAGRAjSlJLYIYE87 yTfQ== X-Gm-Message-State: AOJu0YzdpaPqIX5MHvNzDnDcMFqoxVEjUUx/oZw+Rg0NT4Xxt1X2kU3s 9ArVG26g1cvo8bJ9aF2bldZXvnQTstEpo2aYA1WLFX0Q6C/9eBoN+qOZc5P0 X-Google-Smtp-Source: AGHT+IG9WSUoUchwSAYQEsbX9mtx+vO3rlVwUQ/XYgL/j0+i+81va69aTCWbc2bh4DpwaTsyFK4ayw== X-Received: by 2002:a2e:3208:0:b0:2ef:2422:dc21 with SMTP id 38308e7fff4ca-2f12ee6322emr75395301fa.43.1722289965786; Mon, 29 Jul 2024 14:52:45 -0700 (PDT) Received: from localhost.localdomain ([62.244.50.57]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a7acad9046fsm564748266b.147.2024.07.29.14.52.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 29 Jul 2024 14:52:45 -0700 (PDT) From: Zurab Kvachadze To: gentoo-dev@lists.gentoo.org Cc: conikost@gentoo.org, Zurab Kvachadze Subject: [gentoo-dev] [RFC PATCH v2 00/20] Rework NGINX packaging in Gentoo by introducing nginx{,-module}.eclass Date: Tue, 30 Jul 2024 00:52:16 +0300 Message-ID: <20240729215241.13243-1-zurabid2016@gmail.com> X-Mailer: git-send-email 2.44.2 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Archives-Salt: c75c063c-9495-4c70-ae68-e1cb1c18b091 X-Archives-Hash: 857ecf511f677d2369a1df5d35b574db This is the second iteration of the patch series. The changes between v1 and v2: * nginx.eclass: Add support for installing tmpfiles.d(5) files via NGINX_MISC_FILES. Add RDEPEND on virtual/tmpfiles. Also, the _ngx_set_mod_*() functions now work properly, by checking the module in question against the NGINX_MODULES array with the '+' sign stripped. * nginx.tmpfiles: Add tmpfiles.d(5) file to manage the /var/tmp/nginx directory used to store temporary NGINX files. * nginx-r5.initd: Set pidfile to /run/${RC_SVCNAME}.pid, make NGINX use that instead of the pidfile specified in its configuration file. Allows for seamlessly running multiple instances of NGINX. Set NGINX_CONFIGFILE to /etc/nginx/${RC_SVCNAME}.conf. Remove 'need net' from depend(). Remove the start_pre() function with the call to checkpath. Its functionality is now delegated to systemd-tmpfiles(8). * nginx-r1.confd: The relevant NGINX_PIDFILE option is removed since the pidfile is unconditionally saved to /run/${RC_SVCNAME}.pid. * nginx-*.ebuild: Declare nginx.tmpfiles in NGINX_MISC_FILES, thus installing it. * One more paragraph was added to the third party modules section (2) in the "Question and problems", which suggest issuing NEWS item, due to the impact of the changes. This MR closes the following bugs as RESOLVED FIXED: * 573710, 481456, 928131, 576414, 578658, 735020, 700866 Makes progress towards solving these bugs: * 886537 And otherwise mentions these bugs: * 925098 CCing Conrad Kostecki as he has been the de-facto maintainer of NGINX for a long time. -------------------------------------------- Do not merge this yet! This patch series is still an RFC. Refer to the "Questions and problems" section for more detailed explanation of the issues that (more or less) block the merging of the patches. GitHub PR: https://github.com/gentoo/gentoo/pull/37590 This is an attempt to improve the state of NGINX in the Gentoo tree. The majority of reasoning for introducing this series can be found in the nginx.eclass commit, whereas the actual differences between the previous and the new versions are outlined in the NGINX 1.26.1 revbump commit. Such "refreshes" are important for Gentoo, as to my belief. NGINX has not been maintained for two years now, let alone being rewritten. Thus, NGINX ebuilds are around 42K in size, having accumulated rust over the years. The sheer size and monstrosity of the ebuild hinders the discourages developers from adopting the package. These patches aim to drastically reduce the size and fix numerous issues that NGINX has acquired throughout its lifetime. Questions and problems ====================== (1) Is having separate SLOTs for different NGINX update streams useful? Currently, NGINX is "half-slotted". It has the '0' and the 'mainline' slot with both undergoing the same stabilisation, i.e. 'mainline' version can and do have stable keywords (unlike, for example, Firefox, where LTS versions are stable and rapid ones are always testing). Therefore, intention for this was to make this half-baked slotting complete, by introducing the 'stable' slot. One use case of such distinction is an ability to subscribe to the 'stable' version and receive updates from that, ignoring 'mainline' versions. One of the downsides of SLOTting NGINX is the fact that mainline versions are not always ahead of the stable ones. As an example of this point, the stable NGINX 1.26.0 version was ahead of the mainline 1.25.5. If, for instance, NGINX utilised SLOTting and a user updated from nginx-1.25.5:mainline to nginx-1.26.0:stable, they would be greeted with rather unwelcoming blocker messages. Is this approach reasonable? If not, the SLOTting machinery can easily be removed :) (2) Do all the previously-bundled modules need to be ported to nginx-module.eclass for this to be considered "mergeable"? This implements somewhat special infrastructure (which could be considered as a hack) to tackle the fact that the NGINX build system does not fully support building external modules out of tree. As a proof of concept, four simple modules have been ported to the introduced nginx-module.eclass. If the nginx-module.eclass approach is deemed suitable, should I port the rest of the modules to maintain their presence in the Gentoo tree or shall we just drop them altogether? I am bringing this up since despite the modules (modsecurity, rtmp, lua, etc.) were not independent packages a lot of people rely on them in their workflow, and, thus, we should not just blindly remove them. Having said this, I am not really willing to maintain third party modules as I have no interest in using them. Nonetheless, I believe that people will be encouraged to adopt the unbundled NGINX modules quicker with a number of simplifications brought forth by these patches. In any case, since unbundling is a breaking change from the user perspective, a NEWS item should be issued, notifying users of the changes. (3) Please, test these patches. Although automated tests do work and the ebuilds pass them, it is entirely possible that I have missed something. Happy hacking :) Zurab Kvachadze (20): nginx.eclass: Add new eclass for building the NGINX server nginx-module.eclass: Add new eclass for building NGINX external modules www-servers/nginx: add myself as a proxy maintainer; update metadata.xml www-servers/nginx: add nginx.tmpfiles for managing /var/tmp/nginx www-servers/nginx: add nginx-r5.initd www-servers/nginx: add nginx-r1.confd www-servers/nginx: add nginx-r2.service www-servers/nginx: add nginx-r2.logrotate www-servers/nginx: add nginx-r4.conf profiles/desc: reword and update nginx_modules_http.desc profiles/desc: reword and update nginx_modules_mail.desc profiles/desc: reword and update nginx_modules_stream.desc profiles/categories: Add www-nginx category for external NGINX modules www-servers/nginx: revbump 1.26.1-r1 to 1.26.1-r2, use nginx.eclass www-servers/nginx: revbump 1.27.0-r1 to 1.27.0-r2, use nginx.eclass www-servers/nginx: add 9999 live version, use nginx.eclass www-nginx/ngx_devel_kit: new package, add 0.3.3 www-nginx/ngx-echo: new package, add 0.63 www-nginx/ngx-encrypted-session: new package, add 0.09 www-nginx/ngx-set-misc: new package, add 0.33 eclass/nginx-module.eclass | 180 ++++ eclass/nginx.eclass | 796 ++++++++++++++++++ profiles/categories | 1 + profiles/desc/nginx_modules_http.desc | 147 ++-- profiles/desc/nginx_modules_mail.desc | 9 +- profiles/desc/nginx_modules_stream.desc | 34 +- www-nginx/metadata.xml | 7 + www-nginx/ngx-echo/Manifest | 1 + www-nginx/ngx-echo/metadata.xml | 8 + www-nginx/ngx-echo/ngx-echo-0.63.ebuild | 18 + www-nginx/ngx-encrypted-session/Manifest | 1 + www-nginx/ngx-encrypted-session/metadata.xml | 8 + .../ngx-encrypted-session-0.09.ebuild | 32 + www-nginx/ngx-set-misc/Manifest | 1 + www-nginx/ngx-set-misc/metadata.xml | 11 + .../ngx-set-misc/ngx-set-misc-0.33.ebuild | 50 ++ www-nginx/ngx_devel_kit/Manifest | 1 + www-nginx/ngx_devel_kit/metadata.xml | 8 + .../ngx_devel_kit/ngx_devel_kit-0.3.3.ebuild | 28 + www-servers/nginx/Manifest | 1 + www-servers/nginx/files/nginx-r1.confd | 32 + www-servers/nginx/files/nginx-r2.logrotate | 11 + www-servers/nginx/files/nginx-r2.service | 11 + www-servers/nginx/files/nginx-r4.conf | 39 + www-servers/nginx/files/nginx-r5.initd | 112 +++ www-servers/nginx/files/nginx.tmpfiles | 2 + www-servers/nginx/metadata.xml | 61 +- www-servers/nginx/nginx-1.26.1-r2.ebuild | 31 + www-servers/nginx/nginx-1.27.0-r2.ebuild | 31 + www-servers/nginx/nginx-9999.ebuild | 29 + 30 files changed, 1590 insertions(+), 111 deletions(-) create mode 100644 eclass/nginx-module.eclass create mode 100644 eclass/nginx.eclass create mode 100644 www-nginx/metadata.xml create mode 100644 www-nginx/ngx-echo/Manifest create mode 100644 www-nginx/ngx-echo/metadata.xml create mode 100644 www-nginx/ngx-echo/ngx-echo-0.63.ebuild create mode 100644 www-nginx/ngx-encrypted-session/Manifest create mode 100644 www-nginx/ngx-encrypted-session/metadata.xml create mode 100644 www-nginx/ngx-encrypted-session/ngx-encrypted-session-0.09.ebuild create mode 100644 www-nginx/ngx-set-misc/Manifest create mode 100644 www-nginx/ngx-set-misc/metadata.xml create mode 100644 www-nginx/ngx-set-misc/ngx-set-misc-0.33.ebuild create mode 100644 www-nginx/ngx_devel_kit/Manifest create mode 100644 www-nginx/ngx_devel_kit/metadata.xml create mode 100644 www-nginx/ngx_devel_kit/ngx_devel_kit-0.3.3.ebuild create mode 100644 www-servers/nginx/files/nginx-r1.confd create mode 100644 www-servers/nginx/files/nginx-r2.logrotate create mode 100644 www-servers/nginx/files/nginx-r2.service create mode 100644 www-servers/nginx/files/nginx-r4.conf create mode 100644 www-servers/nginx/files/nginx-r5.initd create mode 100644 www-servers/nginx/files/nginx.tmpfiles create mode 100644 www-servers/nginx/nginx-1.26.1-r2.ebuild create mode 100644 www-servers/nginx/nginx-1.27.0-r2.ebuild create mode 100644 www-servers/nginx/nginx-9999.ebuild -- 2.44.2