New blog post!
I've been using TLS certificates generated by Tailscale to access my self-hosted, private services with HTTPS for some time now, but there is one problem with them: they do not auto-regenerate.
So I used some bash and..
*thunder*, *ominous music*
systemd
to create an automated task that autoregenerates them periodically.
To crank the fun to 11, I also use https://ntfy.sh to notify me if the task succeeded or not
https://stfn.pl/blog/78-tailscale-certs-renew/
#blog #tailscale #systemd #lxc #nextcloud
Is it somehow possible to specify additional options to #journalctl's grep function?
I usually need some sort of `grep -C` for logfiles and it looks like that isn't possible using only journalctl options.
i started to understand the reasoning behind #systemd a lot more when i remembered that some people administer not just one or two (or even a dozen) linux machines, but have networks with hundreds, if not thousands, of them, and the technical/maintenance costs of any hacks that one might otherwise accept on a more traditional system multiply to become quite serious issues at that point
Don’t systemd-analyze fdstore podman.socket, it crashes your PID 1
I haven’t actually checked if any other units would also do this if substituted for podman.socket, but it is consistently reproducible with podman.socket across NixOS on bare metal, Ubuntu in a container, and Fedora in a virtual machine
#TIL I learned, why my debian #Python #systemd service output wasn't live updating in journalctl. This was a problem which I "temporarily" solved by using screen or tmux when I need to follow the output live. (= for about a decade or so...)
Turns out I just need the flag "-u" for unbuffered output and to set the StandardOutput/-Error to "journal" (which should be the default anyway)
And then suddenly after reloading "sudo journalctl -fu my_service" will produce a live, updating output.
Apparently systemd init can crash (segfault) and the computer just keeps working.
You just can't interact with the service manager anymore, incl. initiating a shutdown.
The user service manager keeps running just fine and even journald keeps working. The coredump is even saved by systemd-coredump.
#systemd v258~rc1 is out for testing! So far it has been a complete, utter, unmitigated success, although that might only be because nobody has run it yet. Time will tell.
#Grub or not to grub ?
I realised that the new #fedora installation that I did a couple of days ago was using grub. Although not a problem or a big deal, I booted into the #bios and changed the #legacy setting to #uEFI Win7. (Yes, it's an old #motherboard only giving Legacy, uEFI win7 or uEFI win8 as choices.) Rebooted from the USB and ran a clean install again. Now it's with #systemd. Did it change anything? No, but it was fun to do.
also complaining about things like "oh people make #linux software #systemd dependent" yeah it's also like systemd was invented to address a bunch of specific issues that ancient init script based systems cannot deal with
you cannot just 'not use systemd' when developing many linux applications, and it should not be the responsibility of the linux developers to port the applications to #bsd which is essentially like backporting your apps to slackware 1.0
the burden here CLEARLY falls on netbsd/freebsd/openbsd to create subsystems for porting or emulating linux and other apps
literally no other operating system has done as much to support other OSes than linux as far as filesystems, subsystems, networking and everything else
bsd in contrast has done _nothing_ on any of these fronts except port a handful of linux utilities.
@morgant @sotolf @rozodru @paul
My understanding is that libinput is also heavily tied to udev, which is part of systemd. Not ideal for #Linux distros that don't want to use #systemd, plus other OSes like #OpenBSD have had to put in a ton of effort to try to work around all the deeply-ingrained Linux/systemd-isms.
Ugh. Every flipping time with these people, I swear.
@sotolf @rl_dane @rozodru @paul My understanding is that libinput is also heavily tied to udev, which is part of systemd. Not ideal for #Linux distros that don't want to use #systemd, plus other OSes like #OpenBSD have had to put in a ton of effort to try to work around all the deeply-ingrained Linux/systemd-isms.
Folks have asked me to add #Wayland support to #MLVWM, but it'll really just have to be a separate project.
```plain
default:~ # time getent passwd >/dev/null
real 0m0.042s
user 0m0.035s
sys 0m0.001s
default:~ # getent passwd | wc -l
2641
```
Caching in #WebIDAMd!
I have started a proposal to add an authentication protocol to #systemd-userdbd's Varlink interface:
https://lists.freedesktop.org/archives/systemd-devel/2025-July/051546.html
Hey @systemdUltras #systemd #systemdultras
How to pause a timer during the execution of a service?
Usecase: I have a timer that does a mail-sync every 10 or 15 minutes. I have another timer that does a backup every day at 11. During the run of the backup, I want to pause the mail-sync.
I bet there's a way to properly do this with systemd - I am just not sure what the right way is.
Btw, both of these services are user-services, if that matters.
I'm trying to figure out setting up an email (SMTP) service on my little hosted machines, so I don't need to rely on any particular mail provider.
Which leads me to thinking I really like how #Podman can generate #SystemD units to automatically manage the service containers.
And that has led me to the conclusion I probably should wait for #Debian Trixie release next month, when I can migrate past Podman 4.3.
How do you manage SMTP service for yours, @mike?
I'm sorry, but #Wayland and #Systemd are BOTH abstraction engines with boundary issues.
They even struggle against each other for control.
It's like 2 imperial bureaucrats struggling for jurisdiction over all they can with marketing minions chanting "Order", "Security", "Unity".
Predictability certainly isn't a goal, nor granular access and control.
The people will soon be answering, what's Unix? This is Linux.
I lied when I said #PAM authentication will come next week. Here's #WebIDAMd demonstrating password authentication against #OAuth, with a PAM module speaking via #Varlink to the daemon:
Long story short, I broke my #Linux installation. Let me know if you can relate x)
Funny side note: Every time I work very close to #systemd, I am surprised how very true it is to Unix principles.
The very core of systemd-userdbd is that authentication backends can be small, specialised, modular single-purpose programs that do one job right (in contrast to the huge uncontrollable mess that NSS is otherwise).