docs(gateway): warn against custom ExecStopPost kill drop-in (restart loop) (#53903)
A user-added systemd drop-in like ExecStopPost=/bin/kill -9 $MAINPID fires on every stop, including clean restarts — it SIGKILLs the freshly spawned gateway before it stabilizes and Restart=always respawns it, producing an infinite restart loop (issue #23272). The unit Hermes installs already shuts down cleanly via KillMode=mixed + KillSignal=SIGTERM with Restart=always + RestartForceExitStatus, so no extra kill is needed. Document this as a danger callout in the gateway service-management section.
This commit is contained in:
parent
ea8facee81
commit
6717cfc805
1 changed files with 4 additions and 0 deletions
|
|
@ -435,6 +435,10 @@ journalctl -u hermes-gateway -f
|
|||
|
||||
Use the user service on laptops and dev boxes. Use the system service on VPS or headless hosts that should come back at boot without relying on systemd linger.
|
||||
|
||||
:::danger Don't add a custom `ExecStopPost` kill drop-in
|
||||
The unit Hermes installs already shuts the gateway down cleanly with `KillMode=mixed` + `KillSignal=SIGTERM`, and uses `Restart=always` with `RestartForceExitStatus` so updates and `/restart` respawn correctly. Do **not** add a systemd drop-in such as `ExecStopPost=/bin/kill -9 $MAINPID` — `ExecStopPost` fires on *every* stop, including clean restarts, so it `SIGKILL`s the freshly spawned instance before it stabilizes and `Restart=always` immediately respawns it. The result is an infinite restart loop (and, on Telegram, a flood of restart messages). If you've added such a drop-in, remove it: `systemctl --user edit hermes-gateway` (or `sudo systemctl edit hermes-gateway` for a system service) and delete the `ExecStopPost` line, then `systemctl --user daemon-reload`.
|
||||
:::
|
||||
|
||||
:::tip Headless VMs: user service + linger avoids root prompts
|
||||
A system service needs root for every restart — including the automatic gateway restart at the end of `hermes update`. When `hermes update` runs as a non-root user, it tries passwordless `sudo systemctl`; if that's unavailable, it skips the restart and prints the manual `sudo systemctl restart hermes-gateway` command (it never blocks on an interactive password prompt).
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue