From f72112e801eb6c44fba746d2c2eebe6388f85684 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Mon, 3 Mar 2014 13:44:04 +0000 Subject: trove: Avoid running trove-early-setup on upgrades The trove-early-setup configuration tool is for initial deployment only. --- trove.configure | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/trove.configure b/trove.configure index b2f21ffb..1e6f6f57 100755 --- a/trove.configure +++ b/trove.configure @@ -41,6 +41,17 @@ set -e ROOT="$1" +# The generic system that we are configuring contains a default hostname +# which we should override. This is necessary even when upgrading because +# baserock-system-config-sync isn't smart enough to deal. +echo "Set hostname to $TROVE_ID" +echo "$TROVE_ID" > "$ROOT/etc/hostname" + +if [ "$UPGRADE" == "yes" ]; then + echo "Not configuring trove-early-setup because this is an upgrade." + exit 0 +fi + ########################################################################## lua_escape() @@ -64,9 +75,6 @@ EOF ########################################################################## -echo "Set hostname to $TROVE_ID" -echo "$TROVE_ID" > "$ROOT/etc/hostname" - # trove-early-setup needs "localhost" to be defined, and there's no # guarantee it's going to be in DNS, or that external networking is # up when trove-early-setup runs. We work around this by creating -- cgit v1.2.1 From f6c1bdd287984ca7a300766d2ad9cabae81e03d9 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Mon, 3 Mar 2014 13:45:26 +0000 Subject: trove: Don't keep trove-early-setup systemd unit in /var If /var is a subvolume then we cannot access it until local-fs.target has completed, and certainly we can't expect it to be around when systemd is deciding what units to execute. --- trove.configure | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/trove.configure b/trove.configure index 1e6f6f57..89825733 100755 --- a/trove.configure +++ b/trove.configure @@ -88,9 +88,11 @@ EOF echo "Create /var/lib/trove-setup" install -d -o 0 -g 0 -m 0755 "$ROOT/var/lib/trove-setup" -touch "$ROOT/var/lib/trove-setup/needed" -chown 0:0 "$ROOT/var/lib/trove-setup/needed" -chmod 0600 "$ROOT/var/lib/trove-setup/needed" + +echo "Create /etc/trove-setup.needed" +touch "$ROOT/etc/trove-setup.needed" +chown 0:0 "$ROOT/etc/trove-setup.needed" +chmod 0600 "$ROOT/etc/trove-setup.needed" ########################################################################## @@ -144,14 +146,21 @@ fi ########################################################################## echo "Create trove-early-setup unit file" -cat < "$ROOT/var/lib/trove-setup/trove-early-setup.service" +cat < "$ROOT/etc/systemd/system/trove-early-setup.service" [Unit] Description=Run trove-early-setup (once) Requires=network.target After=network.target Requires=opensshd.service After=opensshd.service -ConditionPathExists=/var/lib/trove-setup/needed + +# If there's a shared /var subvolume, it must be mounted before this +# unit runs. +Requires=local-fs.target +After=local-fs.target + +ConditionPathExists=/etc/trove-setup.needed + [Service] Type=oneshot @@ -167,10 +176,10 @@ ExecStart=/bin/su git -c 'ssh git@localhost as distbuild sshkey add default < /v ExecStart=/bin/su git -c 'ssh git@localhost as mason sshkey add default < /var/lib/trove-setup/mason.key.pub' ExecStart=/bin/mkdir -p /var/run/lighttpd/ ExecStart=/bin/chown cache:cache /var/run/lighttpd/ -ExecStart=/bin/rm /var/lib/trove-setup/needed +ExecStart=/bin/rm /etc/trove-setup.needed ExecStart=/sbin/reboot Restart=no EOF -ln -s "/var/lib/trove-setup/trove-early-setup.service" \ +ln -s "/etc/systemd/system/trove-early-setup.service" \ "$ROOT/etc/systemd/system/multi-user.target.wants/trove-early-setup.service" -- cgit v1.2.1 From f18ee7fcf02a000dd487a8381d7b02ae4c2e0167 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Mon, 3 Mar 2014 13:45:42 +0000 Subject: trove: Make dependency graph of trove-early-setup.service clearer It's hard to spot the 'reboot' command at the bottom of the list of commands and it's a non-standard thing to do. This change should make it more obvious what goes on during Trove first boot. --- trove.configure | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/trove.configure b/trove.configure index 89825733..38a5d614 100755 --- a/trove.configure +++ b/trove.configure @@ -161,6 +161,12 @@ After=local-fs.target ConditionPathExists=/etc/trove-setup.needed +# These must wait until we have created the required users on first boot. +# We reboot the machine after this unit completes so these lines are not +# strictly required, but it's nice to have a dependency graph that is true. +Before=lighttpd.service +Before=git-daemon.service + [Service] Type=oneshot -- cgit v1.2.1