summaryrefslogtreecommitdiff
path: root/updater-ng
diff options
context:
space:
mode:
authorKarel Kočí <cynerd@email.cz>2022-01-26 13:53:47 +0100
committerKarel Kočí <cynerd@email.cz>2022-01-26 13:53:47 +0100
commit7aaa211601597aee58e56d99cf8530a7ba52d80c (patch)
tree31d4278dda402272c95692cda8a5ce162951e96e /updater-ng
parent53aaeee4bbdb41453d40563ad228ae2dccfcc7e6 (diff)
downloadopenwrt-personal-pkgs-7aaa211601597aee58e56d99cf8530a7ba52d80c.tar.gz
openwrt-personal-pkgs-7aaa211601597aee58e56d99cf8530a7ba52d80c.tar.bz2
openwrt-personal-pkgs-7aaa211601597aee58e56d99cf8530a7ba52d80c.zip
updater-ng: test update to 70.0.0
Diffstat (limited to 'updater-ng')
-rw-r--r--updater-ng/Makefile97
-rwxr-xr-xupdater-ng/files/cleanup_rc_d.sh27
-rw-r--r--updater-ng/files/turris-repo.lua34
-rw-r--r--updater-ng/files/turris.lua108
-rw-r--r--updater-ng/files/uci-defaults16
-rwxr-xr-xupdater-ng/files/update_alternatives.sh23
-rw-r--r--updater-ng/files/updater.config4
7 files changed, 309 insertions, 0 deletions
diff --git a/updater-ng/Makefile b/updater-ng/Makefile
new file mode 100644
index 0000000..3fe04f9
--- /dev/null
+++ b/updater-ng/Makefile
@@ -0,0 +1,97 @@
+#
+## Copyright (C) 2016-2020 CZ.NIC z.s.p.o. (http://www.nic.cz/)
+#
+## This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+# #
+#
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=updater-ng
+PKG_VERSION:=70.0.0
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://gitlab.nic.cz/turris/updater/updater.git
+PKG_MIRROR_HASH:=4e3cb85ae1fd77e06799cb40dacb9f6170c4523c0be52b9dadddb2a05d5afe1b
+PKG_SOURCE_VERSION:=v$(PKG_VERSION)
+
+PKG_MAINTAINER:=CZ.NIC <packaging@turris.cz>
+PKG_LICENSE:=GPL-3.0-or-later
+PKG_LICENSE_FILES:=COPYING
+
+PKG_BUILD_DEPENDS:=busybox uthash argp-standalone
+
+PKG_INSTALL:=1
+PKG_FIXUP:=autoreconf
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/autotools.mk
+
+define Package/updater-ng
+ SECTION:=updater
+ CATEGORY:=Turris Updater
+ TITLE:=Updater
+ DEPENDS:=\
+ +liblua \
+ +libuci-lua \
+ +libevent2 \
+ +libcurl \
+ +liburiparser \
+ +libarchive \
+ +base64c \
+ +ca-certificates
+endef
+
+define Package/updater-ng/description
+ Turris package manager designed for automatic updates in mind. It is
+ non-interactive in general but highly configurable through Lua scripts.
+endef
+
+CONFIGURE_ARGS += \
+ --disable-tests \
+ --disable-linters \
+ --disable-docs \
+ --with-embed-busybox="$(STAGING_DIR)/bin/busybox-static"
+
+define Package/$(PKG_NAME)/install
+ $(INSTALL_DIR) $(1)/usr/lib/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/libupdater*.so* $(1)/usr/lib/
+
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/* $(1)/usr/bin/
+ $(INSTALL_BIN) ./files/update_alternatives.sh $(1)/usr/bin/
+
+ $(INSTALL_DIR) $(1)/etc/updater
+ $(INSTALL_CONF) $(PKG_BUILD_DIR)/src/pkgupdate/configs/conf.lua $(1)/etc/updater
+ $(INSTALL_DIR) $(1)/etc/updater/conf.d
+ $(INSTALL_CONF) ./files/turris.lua $(1)/etc/updater/conf.d/turris.lua
+ $(INSTALL_CONF) ./files/turris-repo.lua $(1)/etc/updater/turris-repo.lua
+ $(INSTALL_CONF) $(PKG_BUILD_DIR)/src/pkgupdate/configs/example.lua $(1)/etc/updater/conf.d/example.lua
+
+ $(INSTALL_DIR) $(1)/etc/updater/hook_preupdate
+ touch $(1)/etc/updater/hook_preupdate/.keep
+ $(INSTALL_DIR) $(1)/etc/updater/hook_postupdate
+ $(INSTALL_BIN) ./files/cleanup_rc_d.sh $(1)/etc/updater/hook_postupdate/
+ $(INSTALL_DIR) $(1)/etc/updater/hook_reboot_required
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/src/pkgupdate/hook_reboot_required/50-create-notification.sh $(1)/etc/updater/hook_reboot_required/50-create-notification.sh
+
+ $(INSTALL_DIR) $(1)/etc/config
+ $(INSTALL_CONF) ./files/updater.config $(1)/etc/config/updater
+endef
+
+define Package/updater-ng/conffiles
+/etc/updater/conf.d/example.lua
+/etc/updater/turris-repo.lua
+/etc/config/updater
+endef
+
+define Package/updater-ng/postinst
+if [ -n "$$IPKG_INSTROOT" ] && [ -n "$$BOOTSTRAP_UPDATER_BRANCH" ]; then
+ mkdir -p "$$IPKG_INSTROOT/usr/share/updater"
+ echo "$$BOOTSTRAP_UPDATER_BRANCH" \
+ > "$$IPKG_INSTROOT/usr/share/updater/bootstrap-updater-branch"
+fi
+endef
+
+$(eval $(call BuildPackage,updater-ng))
diff --git a/updater-ng/files/cleanup_rc_d.sh b/updater-ng/files/cleanup_rc_d.sh
new file mode 100755
index 0000000..9df8015
--- /dev/null
+++ b/updater-ng/files/cleanup_rc_d.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+set -eu
+
+cd "$ROOT_DIR/etc/rc.d"
+
+# Remove any dangling links
+for rc in *; do
+ [ -L "$rc" ] || continue
+ [ -f "$rc" ] || {
+ echo "Removing enable for non-existent service: $rc" >&2
+ rm -f "$rc"
+ }
+done
+
+# Fix multiple links for same service
+# We list here all links and do two passes. First we just remove number and filter
+# out only duplicates. This way we have problematic services but to get name only
+# once we have to remove leading 'S' or 'K' and do second pass. This way we have
+# just list of all problematic services.
+find -maxdepth 1 -type l \
+ | sed 's|\./\([SK]\)..|\1|' | sort | uniq -d \
+ | sed 's|[SK]||' | sort | uniq \
+ | while read -r service; do
+ echo "Fixing multiple startup/shutdown links for service: $service" >&2
+ rm -f [SK]??"$service"
+ /bin/sh "$ROOT_DIR/etc/rc.common" "$ROOT_DIR/etc/init.d/$service" enable
+done
diff --git a/updater-ng/files/turris-repo.lua b/updater-ng/files/turris-repo.lua
new file mode 100644
index 0000000..2935e3d
--- /dev/null
+++ b/updater-ng/files/turris-repo.lua
@@ -0,0 +1,34 @@
+--[[
+This file allows you to override path to Turris lists. Those are Lua scripts
+maintained in default on https://repo.turris.cz along side the packages.
+Sometimes you want to point all machinery to different server just for testing.
+This file is here exactly for that.
+]]
+return {
+
+ --[[
+ Following line can be uncommented and changed to specify different server.
+ ]]
+ --url = "https://repo.turris.cz",
+
+ --[[
+ Following few lines can be uncommented if you want to include your own public
+ key used to sign your own copy of lists.
+ This is used only if url is also defined.
+ ]]
+ --pubkey = {
+ -- "file:///etc/updater/keys/release.pub",
+ -- "file:///etc/updater/keys/standby.pub",
+ -- "file:///etc/updater/keys/test.pub"
+ --},
+
+ --[[
+ These options are here rather for completeness. You can ping appropriate CA,
+ specify CRL or disable OCSP.
+ These options are ignored if url is not also defined.
+ ]]
+ --ca = true,
+ --crl = false,
+ --ocsp = true,
+
+}
diff --git a/updater-ng/files/turris.lua b/updater-ng/files/turris.lua
new file mode 100644
index 0000000..ae9b701
--- /dev/null
+++ b/updater-ng/files/turris.lua
@@ -0,0 +1,108 @@
+--[[
+This file is part of updater-ng. Don't edit it.
+]]
+
+local uci_cursor = nil
+if uci then
+ uci_cursor = uci.cursor(root_dir .. "/etc/config")
+else
+ ERROR("UCI library is not available. Configuration not used.")
+end
+local function uci_cnf(name, default)
+ if uci_cursor then
+ return uci_cursor:get("updater", "turris", name) or default
+ else
+ return default
+ end
+end
+
+-- Configuration variables
+local mode = uci_cnf("mode", "branch") -- should we follow branch or version?
+local branch = uci_cnf("branch", "hbs") -- which branch to follow
+local version = uci_cnf("version", nil) -- which version to follow
+
+-- Verify that we have sensible configuration
+if mode == "version" and not version then
+ WARN("Mode configured to be 'version' but no version provided. Changing mode to 'branch' instead.")
+ mode = "branch"
+end
+
+-- Detect host board
+local product = os_release["OPENWRT_DEVICE_PRODUCT"] or os_release["LEDE_DEVICE_PRODUCT"]
+if product:match("[Mm]ox") then
+ board = "mox"
+elseif product:match("[Oo]mnia") then
+ board = "omnia"
+elseif product:match("[Tt]urris 1.x") then
+ board = "turris1x"
+else
+ DIE("Unsupported Turris board: " .. tostring(product))
+end
+Export('board')
+
+-- Detect container
+local env = io.open("/proc/1/environ", "rb")
+for name, value in env:read("*a"):gmatch"([^=]+)=([^%z]+)%z?" do
+ if name == "container" then
+ container=value
+ Export("container")
+ end
+end
+env:close()
+
+
+-- Common connection settings for Turris OS scripts
+local script_options = {
+ security = "Remote",
+ pubkey = {
+ "file:///etc/updater/keys/release.pub",
+ "file:///etc/updater/keys/standby.pub",
+ "file:///etc/updater/keys/test.pub" -- It is normal for this one to not be present in production systems
+ }
+}
+
+-- Turris repository server URL (or override)
+local repo_url = "https://repo.turris.cz"
+local config, config_error = loadfile("/etc/updater/turris-repo.lua")
+if config then
+ config = config()
+ if config.url ~= nil then
+ repo_url = config.url
+ for _, field in {"pubkey", "ca", "crl", "ocsp"} do
+ if config[field] ~= nil then
+ script_options[field] = config[field]
+ end
+ end
+ end
+else
+ WARN("Failed to load /etc/updater/turris-repo.lua: " .. tostring(config_error))
+end
+
+-- Common URI to Turris OS lists
+local base_url
+if mode == "branch" then
+ base_url = repo_url .. "/" .. branch .. "/" .. board .. "/lists/"
+elseif mode == "version" then
+ base_url = repo_url .. "/archive/" .. version .. "/" .. board .. "/lists/"
+else
+ DIE("Invalid updater.turris.mode specified: " .. mode)
+end
+
+-- The distribution base script. It contains the repository and bunch of basic packages
+Script(base_url .. "base.lua", script_options)
+
+-- Additional enabled distribution lists forced by boot arguments
+if root_dir == "/" then
+ local cmdf = io.open("/proc/cmdline")
+ if cmdf then
+ for cmdarg in cmdf:read():gmatch('[^ ]+') do
+ local key, value = cmdarg:match('([^=]+)=(.*)')
+ if key == "turris_lists" then
+ for list in value:gmatch('[^,]+') do
+ Script(base_url .. list .. ".lua", script_options)
+ end
+ end
+ end
+ cmdf:close()
+ end
+end
diff --git a/updater-ng/files/uci-defaults b/updater-ng/files/uci-defaults
new file mode 100644
index 0000000..63fe73b
--- /dev/null
+++ b/updater-ng/files/uci-defaults
@@ -0,0 +1,16 @@
+#!/bin/sh
+set -eu
+
+# bootstrap file is created to store content of BOOTSTRAP_UPDATER_BRANCH
+# environment variable, if defined, when updater is run in out root mode (the way
+# bootstrap is performed).
+# BOOTSTRAP_UPDATER_BRANCH contains simply target branch for updater (eg. HBL or HBD).
+bootstrap="/usr/share/updater/bootstrap-updater-branch"
+
+if [ -f "$bootstrap" ]; then
+ uci -q batch <<-EOF
+ set updater.turris.branch='$(cat "$bootstrap")'
+ commit updater.turris.branch
+ EOF
+ rm -f "$bootstrap"
+fi
diff --git a/updater-ng/files/update_alternatives.sh b/updater-ng/files/update_alternatives.sh
new file mode 100755
index 0000000..c93ae45
--- /dev/null
+++ b/updater-ng/files/update_alternatives.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+set -e
+
+if [ $# -gt 0 ]; then
+ echo "This script is part of updater and allows user to manually fix alternative links in system." >&2
+ exit 0
+fi
+
+if [ ! -d /usr/lib/opkg/info ]; then
+ echo "OPKG info directory not located. This is OpenWrt system, isn't it?" >&2
+ exit 1
+fi
+
+# Fist install all busybox applets and then overwite them with alternatives
+
+busybox --install /bin
+
+sed -n 's/^Alternatives://p' /usr/lib/opkg/info/*.control | \
+ tr , '\n' | \
+ sort -n | \
+ while IFS=: read PRIO TRG SRC; do
+ ln -sf "$SRC" "$TRG"
+ done
diff --git a/updater-ng/files/updater.config b/updater-ng/files/updater.config
new file mode 100644
index 0000000..82e220e
--- /dev/null
+++ b/updater-ng/files/updater.config
@@ -0,0 +1,4 @@
+
+config turris 'turris'
+ option mode 'branch'
+