
plug:install packages

Keith edited this page Feb 4, 2020 · 17 revisions

Packages and Portable Containers

This unit finds all tarballs placed by ignition in the /opt/inbox directory and feeds them to an installer script coreos-install-pkg.sh (see below), which handles two use cases:

  1. A package of code installed by a shell script
  2. A systemd portable service installed via portablectl attach ...

The script coreos-install-pkg.sh uncompresses the tarball to /usr/local/lib/.

It then looks for /usr/local/lib/<PKG>/pkg/scripts/install.sh and runs it as a simple install script. This script may be overridden via ignition if the tarball is accompanied by a /opt/inbox/<pkg_name>.install.sh.

Alternatively, it may also "attach" the package as a systemd portable service. It installs pkg/portable.conf in /etc/<PKG_NAME> if it does not exist, which allows ignition to provide an alternative portable.conf (see portable-goss for an example).

systemd.units[+]:
    name: install-pkgs.service
    enabled: true
    contents: |
        [Unit]
        Description=Install Packages & Attach Portable Services
        ConditionFirstBoot=yes
        After=network-online.target
        Before=boot-complete.target
      
        [Service]
        Type=oneshot
        ExecStartPre=setenforce Permissive
        ExecStart=-find /opt/inbox -mindepth 3 -maxdepth 3 -name "*.tar.[xg]z" \
                  -exec sh /usr/local/libexec/coreos-install-pkg.sh {} \;
        [Install]
        RequiredBy=boot-complete.target

This installer script unpacks the tarball and treats it as either:

  • A Portable Service - attached, enabled and started (under the specified security profile)
  • A Package - installed (./pkg/install.sh is run under a specified user account)
  • or both

storage.files[+]:
    path: /usr/local/libexec/coreos-install-pkg.sh
    mode: 0755
    user:
        id: 0
    group:
        id: 0
    contents:
        inline: |
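            # Argument: /opt/inbox/<PROFILE>/<USER>/<ARCHIVE>, as passed by find
            PACKAGES="/usr/local/lib"
            TAR_PATH="$1"
            # Split on "/": a, b and c absorb "", "opt" and "inbox"
            IFS=/ read -r a b c PROFILE USER ARCHIVE <<< "$TAR_PATH"
            PKG="${ARCHIVE%.tar.[xg]z}"
            # PKG_NAME is PKG without its trailing _<suffix>
            PKG_NAME="${PKG%_*}"
            EXTN="${ARCHIVE##*.}"
            mkdir -p "$PACKAGES/$PKG"
            [[ "$EXTN" == "gz" ]] && options="xvfz"
            [[ "$EXTN" == "xz" ]] && options="xvfJ"
            # Unpack into $PACKAGES/$PKG, then symlink $PKG_NAME to it
            tar $options "$TAR_PATH" --strip-components 1 -C "$PACKAGES/$PKG" && \
               ln -s "$PKG" "$PACKAGES/$PKG_NAME"
            # An install script supplied next to the tarball replaces the packaged one
            OVERRIDE_INSTALL_SH="${TAR_PATH%.tar.[xg]z}.install.sh"
            INSTALL_SH="$PACKAGES/$PKG/pkg/scripts/install.sh"
            [[ -e "$OVERRIDE_INSTALL_SH" ]] && cp "$OVERRIDE_INSTALL_SH" "$INSTALL_SH"
            # Run the install script as the account named by the inbox directory
            [[ -f "$INSTALL_SH" ]] && su -m "$USER" "$INSTALL_SH" "$PACKAGES/$PKG_NAME"
            # Keep an existing portable.conf; otherwise install the packaged one
            mkdir -p "/etc/$PKG_NAME"
            CONF="/etc/$PKG_NAME/portable.conf"
            [[ ! -f "$CONF" ]] && cp "$PACKAGES/$PKG/pkg/portable.conf" "$CONF" || true
            if [[ -f "$CONF" ]]; then
              # Attach under the profile named by the inbox directory
              portablectl attach --no-reload --copy=symlink "--profile=$PROFILE" "$PACKAGES/$PKG" || true
              # Unit lists are left unquoted on purpose so they split into separate arguments
              systemctl enable $(grep "^UNITS_ENABLE=" "$CONF" | cut -d '=' -f2) || true
              systemctl start $(grep "^UNITS_START=" "$CONF" | cut -d '=' -f2) || true
            fi
            echo "Finished installing $PACKAGES/$PKG"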
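
The installer takes PROFILE, USER and the package names straight from the tarball's path, so a pre-flight check on that path is a natural guard. The following is an added example, not part of the original page or the project's code: the function name parse_inbox_path, the allowed character sets, the requirement for an underscore in the archive name and the sample paths are all assumptions made for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper): validate an inbox path before install.
# Layout assumed from "find -mindepth 3 -maxdepth 3" and the IFS=/ read:
#   /opt/inbox/<PROFILE>/<USER>/<NAME>_<SUFFIX>.tar.gz|xz
parse_inbox_path() {
    path=$1
    case $path in
        /opt/inbox/*/*/*) ;;
        *) echo "reject: not /opt/inbox/<profile>/<user>/<archive>: $path" >&2
           return 1 ;;
    esac
    rest=${path#/opt/inbox/}
    profile=${rest%%/*}; rest=${rest#*/}
    user=${rest%%/*};    archive=${rest#*/}
    # A "/" left in the archive part means extra components (e.g. "../").
    case $archive in
        */*) echo "reject: unexpected depth: $path" >&2; return 1 ;;
    esac
    # PROFILE reaches --profile= and USER reaches su: plain names only,
    # and no leading "-" that a command could read as an option.
    for field in "$profile" "$user"; do
        case $field in
            ''|.*|-*|*[!A-Za-z0-9_-]*)
                echo "reject: bad profile/user: $field" >&2; return 1 ;;
        esac
    done
    case $archive in
        *.tar.gz|*.tar.xz) pkg=${archive%.tar.[xg]z} ;;
        *) echo "reject: not .tar.gz/.tar.xz: $archive" >&2; return 1 ;;
    esac
    # PKG becomes a directory under /usr/local/lib and PKG_NAME a symlink
    # beside it; without "_" the two names are identical, so require one.
    case $pkg in
        .*|-*|_*|*[!A-Za-z0-9._-]*)
            echo "reject: bad package name: $pkg" >&2; return 1 ;;
        *_*) ;;
        *) echo "reject: no _<suffix> in: $pkg" >&2; return 1 ;;
    esac
    pkg_name=${pkg%_*}
    printf '%s %s %s %s\n' "$profile" "$user" "$pkg" "$pkg_name"
}

# Constructed sample paths: one accepted, two rejected.
for p in /opt/inbox/strict/core/demo_1.0.tar.xz \
         /opt/inbox/default/core/demo.tar.gz \
         /opt/inbox/default/core/../etc_1.tar.gz; do
    parse_inbox_path "$p" || true
done
```

On success the function prints PROFILE, USER, PKG and PKG_NAME on one line; on rejection it prints the reason to stderr and returns 1.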