From 6ed6953e22ec8648f566c9a459e84e5b90a71806 Mon Sep 17 00:00:00 2001 From: Albert Peschar Date: Thu, 10 Aug 2023 08:24:26 +0000 Subject: [PATCH] nixos/oci-containers: stop container using backend Make systemd actually call `podman stop` when stopping a container unit. Fixes #249332 --- nixos/modules/virtualisation/oci-containers.nix | 7 ++++--- nixos/tests/oci-containers.nix | 5 +++++ 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/nixos/modules/virtualisation/oci-containers.nix b/nixos/modules/virtualisation/oci-containers.nix index 71f5d7a752c8..29d287afbdd2 100644 --- a/nixos/modules/virtualisation/oci-containers.nix +++ b/nixos/modules/virtualisation/oci-containers.nix @@ -296,9 +296,10 @@ let ); preStop = if cfg.backend == "podman" - then "[ $SERVICE_RESULT = success ] || podman stop --ignore --cidfile=/run/podman-${escapedName}.ctr-id" - else "[ $SERVICE_RESULT = success ] || ${cfg.backend} stop ${name}"; - postStop = if cfg.backend == "podman" + then "podman stop --ignore --cidfile=/run/podman-${escapedName}.ctr-id" + else "${cfg.backend} stop ${name}"; + + postStop = if cfg.backend == "podman" then "podman rm -f --ignore --cidfile=/run/podman-${escapedName}.ctr-id" else "${cfg.backend} rm -f ${name} || true"; diff --git a/nixos/tests/oci-containers.nix b/nixos/tests/oci-containers.nix index 1afa9df36dfa..e5029d3799f6 100644 --- a/nixos/tests/oci-containers.nix +++ b/nixos/tests/oci-containers.nix @@ -24,6 +24,10 @@ let ports = ["8181:80"]; }; }; + + # Stop systemd from killing remaining processes if ExecStop script + # doesn't work, so that proper stopping can be tested. + systemd.services."${backend}-nginx".serviceConfig.KillSignal = "SIGCONT"; }; }; @@ -32,6 +36,7 @@ let ${backend}.wait_for_unit("${backend}-nginx.service") ${backend}.wait_for_open_port(8181) ${backend}.wait_until_succeeds("curl -f http://localhost:8181 | grep Hello") + ${backend}.succeed("systemctl stop ${backend}-nginx.service", timeout=10) ''; };