search

cachix / devenv

Fast, Declarative, Reproducible, and Composable Developer Environments
https://devenv.sh
Apache License 2.0
4.46k stars 335 forks source link

Postgres Root User Issue #1230

Closed kefniark closed 5 months ago

kefniark commented 5 months ago

Describe the bug Similar to https://github.com/cachix/devenv/issues/961

My dev machines are usually LXC containers setup by default with root (ephemeral VM). Absolutely no problem with nix, devenv and most other tools. But when I tried to setup a postgres service (which before I had in docker-compose), I run into user issue because my local user is root. It instantly crash and get in a infinite restart loop.

initdb: error: cannot be run as root initdb: hint: Please log in (using, e.g., "su") as the (unprivileged) user that will own the server process

So postgres doesn't want me to run as root, ok fair. But how can I change which user run this service in devenv. I couldn't find a way to add a sudo -u postgres initdb or a hook to run su postgres during the service start.

Is there a way in devenv to run a service under a different user name? It feel a bit overkill to run my whole stack under a postgres user just to satisfy one process requirement.

To reproduce

Version

devenv 1.0.5 (x86_64-linux)

sandydoo commented 5 months ago

It feel a bit overkill to run my whole stack under a postgres user just to satisfy one process requirement.

What's the issue with running things as a non-root user? Why is it overkill? You don't even have to name it "postgres" or lock down the user.

Is there a way in devenv to run a service under a different user name?

IMO this would add unnecessary complexity and make the configs unportable between machines.

kefniark commented 5 months ago

The problem is not really having to create a new user, more to discover such limitation so late in the user flow, when everything is already installed and configured 😢 The problem is not really postgres, more the fact devenv is the one provision it and comes with more limitation than the original tool.

To me, this situation kinda feels like a bad user experience, install everything then brake without proposing alternative. If this is by choice, devenv should probably display some warning/confirmation early on, (if it detect that the installer is being run as root user), knowing this may cause issues with some of the components (like mysql, postgres, ...)

In my case, I will just avoid the issue and go back to docker for the services, seems less rigid and easier to run

sandydoo commented 5 months ago

You're welcome to contribute a PR that improves the DX for this edge-case. I would be happy to merge that 🙂 Though, I'm not sure there's much we can do to improve here, because we'd have to first evaluate the shell to figure out which user you're using.

I do feel like the frustration here is misguided. You encountered a limitation with a third-party component using a non-standard dev environment. The third-party tool then provided you with guidance on what to do instead.