search

NixOS / hydra

Hydra, the Nix-based continuous build system
http://nixos.org/hydra
GNU General Public License v3.0
1.17k stars 300 forks source link

Can't host on port 80 #174

Closed Fuuzetsu closed 4 years ago

Fuuzetsu commented 10 years ago

3000 is fine, 8080 is fine, but if I try 80 then nixos-rebuild switch succeeds but the server is nowhere to be seen. systemctl status with port 80 set

Aug 12 06:42:15 yuuki systemd[1]: Started hydra-server.service.
Aug 12 06:42:15 yuuki hydra-server[9234]: Duplicate specification "host|h=s" for option "h"
Aug 12 06:42:15 yuuki hydra-server[9234]: Use of uninitialized value in list assignment at /nix/store/679q5flzzsgp3baj3ad9lzk9hw9b5l7j-hydra-perl-deps/lib/perl5/site_perl/5.16.3/MooseX/Getopt/Basic.pm line 135.
Aug 12 06:42:17 yuuki hydra-server[9234]: DEPRECATION WARNING: The Regex dispatch type is deprecated.
Aug 12 06:42:17 yuuki hydra-server[9234]: The standalone Catalyst::DispatchType::Regex distribution
Aug 12 06:42:17 yuuki hydra-server[9234]: has been temporarily included as a prerequisite of
Aug 12 06:42:17 yuuki hydra-server[9234]: Catalyst::Runtime, but will be dropped in the future. Convert
Aug 12 06:42:17 yuuki hydra-server[9234]: to Chained methods or include Catalyst::DispatchType::Regex
Aug 12 06:42:17 yuuki hydra-server[9234]: as a prerequisite for your application.

With 3000 set

Aug 12 06:44:27 yuuki hydra-server[11824]: has been temporarily included as a prerequisite of
Aug 12 06:44:27 yuuki hydra-server[11824]: Catalyst::Runtime, but will be dropped in the future. Convert
Aug 12 06:44:27 yuuki hydra-server[11824]: to Chained methods or include Catalyst::DispatchType::Regex
Aug 12 06:44:27 yuuki hydra-server[11824]: as a prerequisite for your application.
Aug 12 06:44:28 yuuki hydra-server[11824]: Use of uninitialized value $opt in lc at /nix/store/679q5flzzsgp3baj3ad9lzk9hw9b5l7j-hydra-perl-deps/lib/perl5/site_perl/5.16.3/Starman/Server.pm line 70.
Aug 12 06:44:28 yuuki hydra-server[11824]: 2014/08/12-06:44:28 Starman::Server (type Net::Server::PreFork) starting! pid(11824)
Aug 12 06:44:28 yuuki hydra-server[11824]: Resolved [*]:3000 to [0.0.0.0]:3000, IPv4
Aug 12 06:44:28 yuuki hydra-server[11824]: Binding to TCP port 3000 on host 0.0.0.0 with IPv4
Aug 12 06:44:28 yuuki hydra-server[11824]: Setting gid to "65534 65534 65534"
Aug 12 06:44:28 yuuki hydra-server[11824]: Starman: Accepting connections at http://*:3000/
rbvermaa commented 10 years ago

Port 80 is a privileged port which usually only root can bind to. Hydra runs using the hydra user, and therefore can't bind to the port. Usually we run with a reverse proxy in front of hydra, see e.g. http://blog.matejc.com/blogs/myblog/nixos-hydra-nginx. If you use a newer kernel, you could probably set some capabilities for the hydra-server systemd service as well to allow it.

Fuuzetsu commented 10 years ago

I suspected that was the case. The issue here is that NixOS doesn't complain when hydra-server doesn't actually manage to start due to the port.

That's a nice post, I was looking for that earlier, thanks.