diff --git a/on-boot-script/README.md b/on-boot-script/README.md index fa08b447..33d7abd4 100644 --- a/on-boot-script/README.md +++ b/on-boot-script/README.md @@ -24,11 +24,14 @@ * [build.sh](build.sh) can be used to build the package by yourself. * Be sure to have at least "buildah" installed for the default container based build. + * The following command builds everything that is needed and even deploys and install udm-boot onto your device (you need a working ssh key based auth to your udm!): + ```bash export UDM_HOST= ./build.sh && ./build.sh deploy && ./build.sh install ``` + * Overview * [dpkg-build-files](dpkg-build-files) contains the most scripts and all sources that debuild uses to build the package if you want to build it yourself @@ -37,6 +40,7 @@ for maintainability it's split in three depending files. * [packages/](packages) the required build debian package will be put here + * Built on Ubuntu-20.04 on Windows 10/WSL2 @@ -48,7 +52,7 @@ unifi-os shell ``` -2. Download [udm-boot_1.0.2_all.deb](packages/udm-boot_1.0.2_all.deb) and install it and go back to the UDM +2. Download [udm-boot_1.1.0_all.deb](packages/udm-boot_1.1.0_all.deb) and install it and go back to the UDM ```bash curl -L https://raw.githubusercontent.com/boostchicken/udm-utilities/master/on-boot-script/packages/udm-boot_1.1.0_all.deb -o udm-boot_1.1.0_all.deb @@ -100,6 +104,10 @@ ## Version History +### 1.1.0 + +* move everything into udm-boot container + ### 1.0.2 * Some build improvements and more clean installation diff --git a/on-boot-script/TODO.md b/on-boot-script/TODO.md index 0d0eed51..8ad77803 100644 --- a/on-boot-script/TODO.md +++ b/on-boot-script/TODO.md 
@@ -1,8 +1,4 @@ # ToDo -* provide a ssh proxy for udm-boot to break out the container. - reuse existing from unifi-os ssh_proxy or a customer one. if we reuse it, we need a way to reload the port on unifi-os restart (would require to mount the dir /var/run/ instead of the file /var/run/ssh_proxy_port -* move udm-boot-services service into the udm-boot container (minimize udm-boot footprint in the unifi-os). - requires the ssh proxy solved * find a more clean way to preserve services? currently mounting the whole /etc/systemd/system dir. * if we will provide cockpit in this package, put it in a container and include at least cockpit-podman package diff --git a/on-boot-script/dpkg-build-files/debian/install b/on-boot-script/dpkg-build-files/debian/install index b8ecd465..3042e25d 100644 --- a/on-boot-script/dpkg-build-files/debian/install +++ b/on-boot-script/dpkg-build-files/debian/install @@ -3,4 +3,3 @@ host/install.sh usr/share/udm-boot/host/ host/uninstall.sh usr/share/udm-boot/host/ host/udm-boot_arm64.tar usr/share/udm-boot/host/ udm-boot.service lib/systemd/system/ -udm-boot-script.service lib/systemd/system/ diff --git a/on-boot-script/dpkg-build-files/debian/postinst b/on-boot-script/dpkg-build-files/debian/postinst index 914e41ef..bc4c01f4 100644 --- a/on-boot-script/dpkg-build-files/debian/postinst +++ b/on-boot-script/dpkg-build-files/debian/postinst @@ -27,11 +27,9 @@ case "$1" in /sbin/ssh-proxy '/mnt/data/udm-boot/install.sh' # enable and start udm-boot - echo "Enable udm-boot services" + echo "Enable udm-boot service" deb-systemd-invoke enable udm-boot.service - deb-systemd-invoke enable udm-boot-script.service deb-systemd-invoke start udm-boot.service - deb-systemd-invoke start udm-boot-script.service echo "" echo "" diff --git a/on-boot-script/dpkg-build-files/host/install.sh b/on-boot-script/dpkg-build-files/host/install.sh index bee6bee4..ce0062ed 100644 --- a/on-boot-script/dpkg-build-files/host/install.sh 
+++ b/on-boot-script/dpkg-build-files/host/install.sh @@ -27,10 +27,12 @@ podman tag $iid udm-boot --network host \ --hostname udm-boot \ --name udm-boot \ - --volume "/sys/fs/cgroup:/sys/fs/cgroup:ro" \ - --volume "/etc/localtime:/etc/localtime:ro" \ - --volume "/mnt/data/udm-boot/data/var/lib/containers:/var/lib/containers:rw" \ - --volume "/mnt/data/udm-boot/data/etc/systemd/system:/etc/systemd/system:rw" \ + --mount "type=bind,source=/sys/fs/cgroup,target=/sys/fs/cgroup,ro=true" \ + --mount "type=bind,source=/etc/localtime,target=/etc/localtime,ro=true" \ + --mount "type=bind,source=/mnt/data/ssh/id_rsa,target=/root/.ssh/id_rsa,ro=true" \ + --mount "type=bind,source=/var/run,target=/mnt/host_var_run,ro=true" \ + --mount "type=bind,source=/mnt/data/udm-boot/data/var/lib/containers,target=/var/lib/containers,rw=true" \ + --mount "type=bind,source=/mnt/data/udm-boot/data/etc/systemd/system,target=/etc/systemd/system,rw=true" \ udm-boot # cleanup and move legacy udm-boot files diff --git a/on-boot-script/images/Dockerfile.udm-boot b/on-boot-script/images/Dockerfile.udm-boot index 3d5de699..f086553b 100644 --- a/on-boot-script/images/Dockerfile.udm-boot +++ b/on-boot-script/images/Dockerfile.udm-boot @@ -5,6 +5,7 @@ RUN set -ex \ && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ procps \ net-tools \ + openssh-client \ vim \ cockpit \ && systemctl enable cockpit.socket \ @@ -14,6 +15,16 @@ RUN set -ex \ RUN /bin/bash -c 'echo -e "udm-boot\nudm-boot" |(passwd root)' +# setup ssh proxy +COPY ssh-proxy /sbin/ +RUN set -ex \ + && chmod +x /sbin/ssh-proxy + +# setup init style script service +COPY udm-boot-script.service /lib/systemd/system/ +RUN set -ex \ + && /bin/systemctl enable udm-boot-script.service + VOLUME ["/var/lib/containers", "/etc/systemd/system", "/etc/cni/net.d"] # cockpit diff --git a/on-boot-script/images/ssh-proxy b/on-boot-script/images/ssh-proxy new file mode 100644 index 00000000..f9e38bb0 --- /dev/null 
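Review bot: The added `source=/mnt/data/ssh/id_rsa` mount in install.sh puts what appears to be the host's root SSH private key inside the udm-boot container, so the container boundary stops protecting the host: anything running as root in the container can run commands as root on the UDM through `/sbin/ssh-proxy`. The Dockerfile context in this same commit shows a fixed root password (`udm-boot`) and an enabled `cockpit.socket`, and the container runs with `--network host`, so that fixed credential now guards host root as well. I would generate a dedicated key pair for udm-boot at install time instead of reusing `id_rsa`, restrict it on the host with `command=`/`from=` options in `authorized_keys` if the host's sshd honours them, and require the container root password to be set during install. The `source=/var/run` mount exposes every host runtime socket, because `ro=true` does not stop a process from connecting to a Unix socket; since only `ssh_proxy_port` is read, add a comment such as `# whole dir mounted: ssh_proxy_port is recreated on unifi-os restart` so the exposure is a documented trade-off. The `podman` command itself starts above the hunk.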
+++ b/on-boot-script/images/ssh-proxy
@@ -0,0 +1,2 @@
+#!/bin/sh
+ssh -p "$(cat /mnt/host_var_run/ssh_proxy_port)" -o StrictHostKeyChecking=no -q root@localhost -- "$@"
diff --git a/on-boot-script/dpkg-build-files/udm-boot-script.service b/on-boot-script/images/udm-boot-script.service
similarity index 100%
rename from on-boot-script/dpkg-build-files/udm-boot-script.service
rename to on-boot-script/images/udm-boot-script.service
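Review bot: `-o StrictHostKeyChecking=no` in the new `images/ssh-proxy` disables host-key verification, so the script authenticates with the mounted root key to whatever is listening on the port read from `/mnt/host_var_run/ssh_proxy_port`. The peer is always the same host, so the key can be pinned even though the port changes: `-o StrictHostKeyChecking=yes -o HostKeyAlias=udm-host -o UserKnownHostsFile=<pinned-known-hosts-file>` (alias and path are placeholders), with the file written at install time. The port is also used unchecked, and `-q` may hide the resulting error when the file is missing or empty; `port=$(cat /mnt/host_var_run/ssh_proxy_port) || exit 1` before the `ssh` call makes that failure visible. A header comment should also say that ssh joins `"$@"` into one string that the remote shell re-parses, so arguments containing spaces or shell metacharacters are not preserved as separate words.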