1726 move logic to overlays (#1738)

* Replace bootargs.cfg file with a stage that generates it

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>

* Move nvidia specific files to cloud-init

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>

* Move alpine files to cloud-init

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>

* Add TODO to fix nvidia partitioning config

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>

* Remove not used overlay file for opensuse

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>

* Install overlay files as a package

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>

* Simplify framework target

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>

* Remove `overlay/` directory from yaml linting

because it doesn't exist anymore

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>

* Bump luet repo

to get this fix:

https://github.com/kairos-io/packages/pull/386

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>

* Don't try to lint non-existent dir

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>

* Add pipefail to default shell

because when apt fails to fetch information (with errors) the whole job
should fail

https://github.com/actions/runner/issues/353#issuecomment-1067227665
https://github.com/actions/runner/issues/353

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>

---------

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
This commit is contained in:
Dimitris Karakasilis 2023-08-21 14:29:29 +03:00 committed by GitHub
parent 47d5bd9770
commit fd68f65f59
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
58 changed files with 17 additions and 1057 deletions


@ -12,5 +12,5 @@ jobs:
call-workflow:
uses: kairos-io/linting-composite-action/.github/workflows/reusable-linting.yaml@v0.0.6
with:
yamldirs: ".github/workflows/ overlay/"
yamldirs: ".github/workflows/"
is-go: false


@ -13,6 +13,9 @@ on:
jobs:
test:
runs-on: ubuntu-latest
defaults:
run:
shell: bash -eo pipefail {0}
steps:
- name: Release space from worker
run: |
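Review bot: The explicit command on the `shell:` line leaves out the `--noprofile --norc` flags that the runner's built-in `shell: bash` keyword implies, so with this form the runner's bash profile and rc files are sourced before each step; if the only goal is pipefail, `shell: bash` on its own already expands to `bash --noprofile --norc -eo pipefail {0}` per the runner documentation. The `defaults` block is also scoped to the `test` job only, so any other job in this workflow (the `jobs:` mapping continues outside the hunk) keeps the plain `bash -e {0}` behaviour in which a failing `apt` earlier in a pipe is masked. A one-line comment above `defaults:` would make the intent survive the next refactor: `# -o pipefail so a failing command earlier in a pipe (e.g. apt fetch errors) fails the step`.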


@ -196,7 +196,7 @@ shellcheck-lint:
yamllint:
FROM cytopia/yamllint
COPY . .
RUN yamllint .github/workflows/ overlay/
RUN yamllint .github/workflows/
lint:
BUILD +hadolint
@ -238,18 +238,22 @@ luet:
### Image Build targets
###
# This generates the framework base by installing luet packages generated with the profile-build + framework-profile.yaml
# file
# This generates the framework base by installing luet packages generated with
# the profile-build + framework-profile.yaml file.
# Installs everything under the /framework dir and saves that as an artifact
framework-luet:
framework:
FROM golang:alpine
ARG FLAVOR
WORKDIR /build
COPY ./profile-build /build
COPY framework-profile.yaml /build
COPY +luet/luet /usr/bin/luet
RUN go run main.go ${FLAVOR} framework-profile.yaml /framework
RUN luet cleanup --system-target /framework
# COPY luet into the final framework
# TODO: Understand why?
COPY +luet/luet /framework/usr/bin/luet
@ -258,38 +262,6 @@ framework-luet:
RUN rm -rf /framework/var/luet
RUN rm -rf /framework/var/cache
SAVE ARTIFACT --keep-own /framework framework-luet
framework:
FROM alpine
ARG FLAVOR
ARG MODEL
# This ARG does nothing?
ARG VERSION
COPY +framework-luet/framework-luet /framework
# Copy overlay files
# TODO: Make this also a package?
COPY overlay/files /framework
# Copy common overlay files for Raspberry Pi
IF [ "$MODEL" = "rpi3" ] || [ "$MODEL" = "rpi4" ]
COPY overlay/files-rpi/ /framework
END
# Copy flavor-specific overlay files
IF [[ "$FLAVOR" =~ ^alpine* ]]
COPY overlay/files-alpine/ /framework
ELSE IF [ "$FLAVOR" = "fedora" ] || [ "$FLAVOR" = "rockylinux" ] || [ "$FLAVOR" = "almalinux" ]
COPY overlay/files-fedora/ /framework
ELSE IF [ "$FLAVOR" = "debian" ] || [ "$FLAVOR" = "ubuntu" ] || [ "$FLAVOR" = "ubuntu-20-lts" ] || [ "$FLAVOR" = "ubuntu-22-lts" ] || [[ "$FLAVOR" =~ ^ubuntu-.*-lts-arm-.*$ ]]
COPY overlay/files-ubuntu/ /framework
END
IF [[ "$FLAVOR" = "ubuntu-20-lts-arm-nvidia-jetson-agx-orin" ]]
COPY overlay/files-nvidia/ /framework
END
SAVE ARTIFACT --keep-own /framework/ framework
build-framework-image:
@ -306,7 +278,7 @@ build-framework-image:
FROM scratch
COPY (+framework/framework --VERSION=$VERSION --FLAVOR=$FLAVOR) /
COPY (+framework/framework --FLAVOR=$FLAVOR) /
SAVE IMAGE --push $IMAGE_REPOSITORY_ORG/framework:${VERSION}_${FLAVOR}
@ -343,7 +315,7 @@ base-image:
END
# Includes overlay/files
COPY (+framework/framework --FLAVOR=$FLAVOR --VERSION=$OS_VERSION --MODEL=$MODEL) /
COPY (+framework/framework --FLAVOR=$FLAVOR) /
# Avoid to accidentally push keys generated by package managers
RUN rm -rf /etc/ssh/ssh_host_*
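Review bot: The `# Includes overlay/files` comment above `COPY (+framework/framework --FLAVOR=$FLAVOR) /` in `base-image` is stale after this change: the `COPY overlay/files /framework` step and the `overlay/` tree are deleted in the same commit, so the framework artifact no longer carries anything from that path. Replace it with `# Includes the overlay files, now installed as the bundles/kairos-overlay-files luet package`. Relatedly, the merged `framework` target drops `ARG MODEL` and with it the build-time `files-rpi` selection for rpi3/rpi4; presumably that model-specific content now ships in the package or is applied by cloud-init stages, but nothing in this diff shows it, so confirm and document it on the target (`# Model-specific overlay files are no longer selected here`). The `base-image` target continues outside the hunk.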


@ -137,6 +137,7 @@ common-packages:
- dracut/immucore
- system/suc-upgrade
- system/grub2-efi
- bundles/kairos-overlay-files
kairos-toolchain-fips:
packages:
- fips/kcrypt
@ -173,9 +174,9 @@ repositories:
priority: 2
urls:
- "quay.io/kairos/packages"
reference: 20230818104636-repository.yaml
reference: 20230818143315-repository.yaml
- !!merge <<: *kairos
arch: arm64
urls:
- "quay.io/kairos/packages-arm64"
reference: 20230818112917-repository.yaml
reference: 20230818143650-repository.yaml
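Review bot: The new `bundles/kairos-overlay-files` entry in `common-packages` carries no version, so the exact overlay content that lands in the framework image is fixed only by the `reference:` snapshots bumped in the second hunk (`20230818143315-repository.yaml` and `20230818143650-repository.yaml`). Files that were reviewed in this repository until now (the sudoers content, the root-autologin drop-ins, the grub boot arguments deleted further down) presumably come from that external package from here on, which makes those two reference lines the effective pin for privileged host configuration. Worth stating next to the entry so a future bump is reviewed with that in mind: `# overlay files formerly under overlay/ in this repo; content is pinned by the repository references below`. The `common-packages` list begins outside the hunk.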


@ -1,12 +0,0 @@
#!/sbin/openrc-run
depend() {
provide kairos-agent
after cos-setup-network
use net
}
start() {
kairos-agent start
eend $?
}


@ -1,15 +0,0 @@
#!/sbin/openrc-run
depend() {
provide kairos-webui
}
supervisor=supervise-daemon
name="kairos-webui"
command="kairos-agent webui"
supervise_daemon_args="--stdout /var/log/kairos/webui.log --stderr /var/log/kairos/webui.log"
pidfile="/run/${RC_SVCNAME}.pid"
respawn_delay=5
set -o allexport
if [ -f /etc/environment ]; then source /etc/environment; fi
set +o allexport


@ -1,16 +0,0 @@


██╗ ██╗ █████╗ ██╗██████╗ ██████╗ ███████╗
██║ ██╔╝██╔══██╗██║██╔══██╗██╔═══██╗██╔════╝
█████╔╝ ███████║██║██████╔╝██║ ██║███████╗
██╔═██╗ ██╔══██║██║██╔══██╗██║ ██║╚════██║
██║ ██╗██║ ██║██║██║ ██║╚██████╔╝███████║
╚═╝ ╚═╝╚═╝ ╚═╝╚═╝╚═╝ ╚═╝ ╚═════╝ ╚══════╝

Welcome to kairos (login with user: kairos, password: kairos)
Kernel \r on an \m (\l)


@ -1,11 +0,0 @@
set kernel=/boot/vmlinuz
# temporarly disabling SELinux until we have a profile (https://github.com/kairos-io/kairos/issues/114)
if [ -n "$recoverylabel" ]; then
# Boot arguments when the image is used as recovery
set kernelcmd="console=tty1 console=ttyS0 root=live:LABEL=$recoverylabel rd.live.dir=/ rd.live.squashimg=$img panic=5 selinux=0 rd.cos.oemlabel=COS_OEM"
else
# Boot arguments when the image is used as active/passive
set kernelcmd="console=tty1 console=ttyS0 root=LABEL=$label net.ifnames=1 cos-img/filename=$img panic=5 rd.cos.oemlabel=COS_OEM selinux=0"
fi
set initramfs=/boot/initrd


@ -1,9 +0,0 @@
set kernel=/boot/vmlinuz
if [ -n "$recoverylabel" ]; then
set kernelcmd="console=tty1 console=ttyTCU0,115200 root=live:LABEL=$recoverylabel net.ifnames=1 rd.live.dir=/ rd.live.squashimg=$img panic=5 rd.cos.oemtimeout=10"
else
set kernelcmd="console=tty1 console=ttyTCU0,115200 root=LABEL=$label net.ifnames=1 cos-img/filename=$img panic=5 security=selinux selinux=1 rd.cos.oemtimeout=10 rd.cos.oemlabel=COS_OEM"
fi
set initramfs=/boot/initrd


@ -1 +0,0 @@
omit_dracutmodules+=" iscsi "


@ -1,21 +0,0 @@
cosign: false
verify: false
install:
grub-entry-name: "Kairos"
system:
size: 4500
recovery-system:
size: 4500
upgrade:
grub-entry-name: "Kairos"
recovery-system:
size: 4500
system:
size: 4500
reset:
grub-entry-name: "Kairos"
system:
size: 4500
cloud-init-paths:
- /run/initramfs/cos-state
# - /run/initramfs/live


@ -1,18 +0,0 @@
## TODO: this is a workaround
## The orin packages are writing to /usr/local, which is mounted to COS_PERSISTENT.
## We probably should run this in immucore, overlaying the /usr/local of the image to COS_PERSISTENT.
## For the time being, doing it in the cloud configs.
#
### Note: This have the consequences of everything stored inside /usr/local to go inside the "local" directory inside the partition.
### Usually this is not the case as there is no need of subtrees, but due to how overlayfs work the workdir and uppermount needs to be in the same filesystem.
stages:
initramfs.before:
- commands:
- umount /usr/local
- |
mkdir -p /run/mount/persistent && \
mount /dev/disk/by-label/COS_PERSISTENT /run/mount/persistent && \
mkdir -p /run/mount/persistent/work /run/mount/persistent/local && \
mount -t overlay \
-o lowerdir=/usr/local,upperdir=/run/mount/persistent/local,workdir=/run/mount/persistent/work \
/usr/local


@ -1 +0,0 @@
omit_dracutmodules+=" zfs "


@ -1,18 +0,0 @@
set kernel=/boot/vmlinuz
# Note on RPI bootargs
# We additionally set modprobe.blacklist=vc4 as certain Displays are not supported by vc4.
# As kairos main target is cloud and not graphics usage, we blacklist it to avoid
# that the HDMI output goes off due to drivers kicking during boot. vc4 is required where graphics
# or video playback is needed, which is not the case in this example here.
# A similar workaround could be applied at config.txt level, by diabling the vc4 overlay.
# See also: https://en.opensuse.org/HCL:Raspberry_Pi3#I_see_HDMI_output_in_U-Boot.2C_but_not_in_Linux ,
# https://en.opensuse.org/HCL:Raspberry_Pi3#DSI_output_not_supported_by_VC4_driver,
# https://bugzilla.opensuse.org/show_bug.cgi?id=1181683 and https://github.com/raspberrypi/linux/issues/4020
if [ -n "$recoverylabel" ]; then
set kernelcmd="console=tty1 console=ttyS0,115200 root=live:LABEL=$recoverylabel net.ifnames=1 rd.live.dir=/ rd.live.squashimg=$img panic=5 modprobe.blacklist=vc4 rd.cos.oemtimeout=10"
else
set kernelcmd="console=tty1 console=ttyS0,115200 root=LABEL=$label net.ifnames=1 cos-img/filename=$img panic=5 security=selinux selinux=1 modprobe.blacklist=vc4 rd.cos.oemtimeout=10 rd.cos.oemlabel=COS_OEM"
fi
set initramfs=/boot/initrd


@ -1,8 +0,0 @@
set kernel=/boot/vmlinuz
if [ -n "$recoverylabel" ]; then
set kernelcmd="console=tty1 console=ttyS0 root=live:LABEL=$recoverylabel rd.live.dir=/ rd.live.squashimg=$img panic=5 rd.cos.oemlabel=COS_OEM"
else
set kernelcmd="console=tty1 console=ttyS0 root=LABEL=$label cos-img/filename=$img panic=5 security=selinux selinux=1 rd.cos.oemlabel=COS_OEM rd.neednet=0 vga=795"
fi
set initramfs=/boot/initrd


@ -1,5 +0,0 @@
if [ -z "$KUBECONFIG" ]; then
if [ -e /etc/rancher/k3s/k3s.yaml ]; then
export KUBECONFIG="/etc/rancher/k3s/k3s.yaml"
fi
fi


@ -1,10 +0,0 @@
set kernel=/boot/vmlinuz
if [ -n "$recoverylabel" ]; then
# Boot arguments when the image is used as recovery
set kernelcmd="console=tty1 console=ttyS0 root=live:LABEL=$recoverylabel net.ifnames=1 rd.live.dir=/ rd.live.squashimg=$img panic=5 rd.cos.oemlabel=COS_OEM"
else
# Boot arguments when the image is used as active/passive
set kernelcmd="console=tty1 console=ttyS0 root=LABEL=$label net.ifnames=1 cos-img/filename=$img rd.emergency=reboot rd.shell=0 panic=5 security=selinux rd.cos.oemlabel=COS_OEM selinux=1 fsck.mode=force fsck.repair=yes systemd.crash_reboot=yes"
fi
set initramfs=/boot/initrd


@ -1,7 +0,0 @@
ACTIVE_CONSOLES="/dev/tty[1-6]"
FONT="default8x16.psf.gz"
CHARMAP="UTF-8"
CODESET="guess"
FONTFACE="default"
FONTSIZE="8x16"
SCREEN_WIDTH="100"


@ -1,11 +0,0 @@


_/ _/ _/
_/ _/ _/_/_/ _/ _/_/ _/_/ _/_/_/
_/_/ _/ _/ _/ _/_/ _/ _/ _/_/
_/ _/ _/ _/ _/ _/ _/ _/ _/_/
_/ _/ _/_/_/ _/ _/ _/_/ _/_/_/



@ -1,31 +0,0 @@
menuentry "Kairos remote recovery" --id remoterecovery {
if search.file /cOS/recovery.squashfs ; then
set img=/cOS/recovery.squashfs
set recoverylabel=COS_RECOVERY
else
set img=/cOS/recovery.img
fi
search.fs_label COS_RECOVERY root
set label=COS_SYSTEM
loopback loop0 /$img
set root=($root)
source (loop0)/etc/cos/bootargs.cfg
linux (loop0)$kernel $kernelcmd ${extra_cmdline} ${extra_recovery_cmdline} vga=795 nomodeset kairos.remote_recovery_mode
initrd (loop0)$initramfs
}
menuentry "Kairos state reset (auto)" --id statereset {
if search.file /cOS/recovery.squashfs ; then
set img=/cOS/recovery.squashfs
set recoverylabel=COS_RECOVERY
else
set img=/cOS/recovery.img
fi
search.fs_label COS_RECOVERY root
set label=COS_SYSTEM
loopback loop0 /$img
set root=($root)
source (loop0)/etc/cos/bootargs.cfg
linux (loop0)$kernel $kernelcmd ${extra_cmdline} ${extra_recovery_cmdline} vga=795 nomodeset kairos.reset
initrd (loop0)$initramfs
}


@ -1,11 +0,0 @@
Welcome to Kairos!
P2P device installation enrollment is starting.
A QR code will be displayed below.
In another machine, run "kairos register" with the QR code visible on screen,
or "kairos register <file>" to register the machine from a photo.
IF the qrcode is not displaying correctly,
try booting with another vga option from the boot cmdline (e.g. vga=791).
Press any key to abort pairing. To restart run 'kairos install'.
Starting in 5 seconds...


@ -1 +0,0 @@
Interactive installation. Documentation is available at https://kairos.io.


@ -1,9 +0,0 @@
Welcome to kairos recovery mode!
P2P device recovery mode is starting.
A QR code with a generated network token will be displayed below that can be used to connect
over with "kairos bridge --qr-code-image /path/to/image.jpg" from another machine,
further instruction will appear on the bridge CLI to connect over via SSH.
IF the qrcode is not displaying correctly,
try booting with another vga option from the boot cmdline (e.g. vga=791).
Press any key to abort recovery. To restart the process run 'kairos recovery'.


@ -1,6 +0,0 @@
Welcome to kairos!
The node will automatically reset its state in a few.
Press any key to abort this process. To restart run 'kairos reset'.
Starting in 60 seconds...


@ -1,8 +0,0 @@
/var/log/kairos/*.log {
create
daily
compress
copytruncate
missingok
rotate 3
}


@ -1,3 +0,0 @@
Welcome to Kairos!
Refer to https://kairos.io for documentation.


@ -1,10 +0,0 @@
[Unit]
Description=kairos agent
After=cos-setup-network.service
Wants=network.target
[Service]
Restart=on-failure
RestartSec=5s
ExecStart=/usr/bin/kairos-agent start
[Install]
WantedBy=multi-user.target


@ -1,14 +0,0 @@
[Unit]
Description=kairos interactive-installer
After=sysinit.target
[Service]
Type=oneshot
StandardInput=tty
StandardOutput=tty
LimitNOFILE=49152
ExecStartPre=-/bin/sh -c "dmesg -D"
TTYPath=/dev/tty1
RemainAfterExit=yes
ExecStart=/usr/bin/kairos-agent interactive-install --shell
[Install]
WantedBy=multi-user.target


@ -1,15 +0,0 @@
[Unit]
Description=kairos recovery
After=sysinit.target
[Service]
Type=oneshot
StandardInput=tty
StandardOutput=tty
LimitNOFILE=49152
ExecStartPre=-/bin/sh -c "dmesg -D"
ExecStartPre=-/bin/sh -c "sysctl -w net.core.rmem_max=2500000"
TTYPath=/dev/tty1
RemainAfterExit=yes
ExecStart=/usr/bin/kairos-agent recovery
[Install]
WantedBy=multi-user.target


@ -1,13 +0,0 @@
[Unit]
Description=kairos reset
After=sysinit.target
[Service]
Type=oneshot
StandardInput=tty
StandardOutput=tty
LimitNOFILE=49152
TTYPath=/dev/tty1
RemainAfterExit=yes
ExecStart=/usr/bin/kairos-agent reset
[Install]
WantedBy=multi-user.target


@ -1,8 +0,0 @@
[Unit]
Description=kairos installer
After=sysinit.target
[Service]
ExecStart=/usr/bin/kairos-agent webui
TimeoutStopSec=10s
[Install]
WantedBy=multi-user.target


@ -1,15 +0,0 @@
[Unit]
Description=kairos installer
After=sysinit.target
[Service]
Type=oneshot
StandardInput=tty
StandardOutput=tty
LimitNOFILE=49152
ExecStartPre=-/bin/sh -c "dmesg -D"
TTYPath=/dev/tty1
RemainAfterExit=yes
ExecStart=/usr/bin/kairos-agent install
TimeoutStopSec=10s
[Install]
WantedBy=multi-user.target


@ -1,31 +0,0 @@
name: "Datasource handling"
stages:
rootfs.before:
- &datasource
if: '[ ! -f /oem/userdata ]'
name: "Pull data from provider"
datasource:
providers: ["cdrom", "gcp", "openstack", "aws", "azure", "hetzner", "packet", "vultr", "digitalocean", "metaldata"]
path: "/oem"
- if: '[ ! -f /oem/userdata ]'
name: "Sentinel file for userdata"
files:
- path: /run/.userdata_load
initramfs.before:
- <<: *datasource
- if: '[ ! -f /oem/userdata ]'
files:
- path: /run/.userdata_load
# After network, if no datasource could be pulled, we stop trying
network:
- <<: *datasource
- if: '[ -f /oem/userdata ] && [ -f /run/.userdata_load ]'
name: "Run stages if userdata is found"
commands:
- kairos-agent run-stage initramfs
- kairos-agent run-stage boot
- rm -rf /run/.userdata_load
- if: '[ ! -f /oem/userdata ] && [ -f /run/.userdata_load ]'
name: "Remove userdata sentinel"
commands:
- rm -rf /run/.userdata_load


@ -1,193 +0,0 @@
# Rootfs Kairos OEM configuration file
#
# This file is part of Kairos and will get reset during upgrades.
#
# Before you change this file manually,
# consider copying this file to /usr/local/cloud-config or
# copy the file with a prefix starting by 90, e.g. /oem/91_custom.yaml
name: "Rootfs Layout Settings"
stages:
rootfs:
- name: "Mount BPF on Alpine systems"
if: '[ ! -e "/sbin/systemctl" ] && [ ! -e "/usr/bin/systemctl" ] && [ ! -e "/usr/sbin/systemctl" ] && [ ! -e "/usr/bin/systemctl" ]'
commands:
- mount bpffs -o rw,nosuid,nodev,noexec,relatime,mode=700 /sys/fs/bpf -t bpf
- if: '[ ! -f "/run/cos/recovery_mode" ] && [ ! -e "/run/cos/uki_mode" ]'
name: "Layout configuration for active/passive mode"
environment_file: /run/cos/cos-layout.env
environment:
VOLUMES: "LABEL=COS_PERSISTENT:/usr/local"
OVERLAY: "tmpfs:25%"
RW_PATHS: "/var /etc /srv"
PERSISTENT_STATE_PATHS: >-
/etc/systemd
/etc/modprobe.d
/etc/rancher
/etc/sysconfig
/etc/runlevels
/etc/ssh
/etc/ssl/certs
/etc/iscsi
/etc/zfs
/etc/cni
/etc/kubernetes
/home
/opt
/root
/snap
/var/snap
/usr/libexec
/var/log
/var/lib/containerd
/var/lib/rancher
/var/lib/kubelet
/var/lib/snapd
/var/lib/wicked
/var/lib/longhorn
/var/lib/cni
/var/lib/dbus
/usr/share/pki/trust
/usr/share/pki/trust/anchors
/var/lib/ca-certificates
PERSISTENT_STATE_BIND: "true"
- if: '[ -f "/run/cos/recovery_mode" ]'
# omit the persistent partition on recovery mode
name: "Layout configuration for recovery mode"
environment_file: /run/cos/cos-layout.env
environment:
OVERLAY: "tmpfs:25%"
- if: grep -q "kairos.boot_live_mode" /proc/cmdline
name: "Layout configuration for booting local node from livecd"
environment_file: /run/cos/cos-layout.env
environment:
VOLUMES: "LABEL=COS_PERSISTENT:/usr/local"
OVERLAY: "tmpfs:25%"
RW_PATHS: "/var /etc /srv"
PERSISTENT_STATE_PATHS: >-
/etc/systemd
/etc/modprobe.d
/etc/rancher
/etc/sysconfig
/etc/runlevels
/etc/ssh
/etc/ssl/certs
/etc/iscsi
/etc/cni
/etc/kubernetes
/home
/opt
/root
/snap
/var/snap
/usr/libexec
/var/log
/var/lib/containerd
/var/lib/rancher
/var/lib/kubelet
/var/lib/snapd
/var/lib/wicked
/var/lib/longhorn
/var/lib/cni
/usr/share/pki/trust
/usr/share/pki/trust/anchors
/var/lib/ca-certificates
PERSISTENT_STATE_BIND: "true"
- if: '[ -e "/run/cos/uki_mode" ]'
# omit the persistent partition on uki mode
# And mount all persistent mounts under the overlay
name: "Layout configuration for UKI"
environment_file: /run/cos/cos-layout.env
environment:
RW_PATHS: "/var /etc /srv /usr"
OVERLAY: "tmpfs:25%"
PERSISTENT_STATE_PATHS: >-
/var
/etc
/etc/systemd
/etc/modprobe.d
/etc/rancher
/etc/sysconfig
/etc/runlevels
/etc/ssh
/etc/ssl/certs
/etc/iscsi
/etc/cni
/etc/kubernetes
/home
/opt
/root
/var/snap
/usr/libexec
/var/log
/var/lib/containerd
/var/lib/rancher
/var/lib/kubelet
/var/lib/snapd
/var/lib/wicked
/var/lib/longhorn
/var/lib/cni
/usr/share/pki/trust
/usr/share/pki/trust/anchors
/var/lib/ca-certificates
rootfs.after:
- if: '[ -r /run/cos/custom-layout.env ] && [ ! -f "/run/cos/recovery_mode" ] && [ ! -f /run/cos/live_mode ]'
name: "add custom bind and ephemeral mounts to /run/cos/cos-layout.env"
commands:
- |
source /run/cos/cos-layout.env
source /run/cos/custom-layout.env
PERSISTENT_STATE_PATHS="${PERSISTENT_STATE_PATHS} ${CUSTOM_BIND_MOUNTS} "
RW_PATHS="${RW_PATHS} ${CUSTOM_EPHEMERAL_MOUNTS}"
# Remove the existing lines that we are gonna rewrite
sed -i "/RW_PATHS/d" /run/cos/cos-layout.env
sed -i "/PERSISTENT_STATE_PATHS/d" /run/cos/cos-layout.env
# Add the new lines
echo "# rw paths with user bind mounts" >> /run/cos/cos-layout.env
echo RW_PATHS=\"${RW_PATHS}\" >> /run/cos/cos-layout.env
echo "# persistent state paths with user ephemeral mounts" >> /run/cos/cos-layout.env
echo PERSISTENT_STATE_PATHS=\"${PERSISTENT_STATE_PATHS}\" >> /run/cos/cos-layout.env
- if: '[ ! -f /run/cos/recovery_mode ] && [ ! -f /run/cos/live_mode ]'
name: "Grow persistent"
layout:
device:
label: COS_PERSISTENT
expand_partition:
# Size 0 is required to specify all remaining space
size: 0
initramfs:
- name: "Create journalctl /var/log/journal dir"
if: '[ -e "/sbin/systemctl" ] || [ -e "/bin/systemctl" ] || [ -e "/usr/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ]'
directories:
- path: /var/log/journal
- if: '[ ! -f "/run/cos/recovery_mode" ] && [ -s /usr/local/etc/machine-id ]'
name: "Restore /etc/machine-id for systemd systems"
commands:
- cat /usr/local/etc/machine-id > /etc/machine-id
- if: '[ ! -f "/run/cos/recovery_mode" ] && [ -s /var/lib/dbus/machine-id ] && [ -f "/sbin/openrc" ]'
name: "Restore /etc/machine-id for openrc systems"
commands:
- cat /var/lib/dbus/machine-id > /etc/machine-id
fs:
- if: '[ ! -f "/run/cos/recovery_mode" ] && [ ! -s /usr/local/etc/machine-id ] '
name: "Save /etc/machine-id for systemd systems"
commands:
- |
mkdir -p /usr/local/etc
cp /etc/machine-id /usr/local/etc
- if: '[ ! -f "/run/cos/recovery_mode" ] && [ ! -s /var/lib/dbus/machine-id ] && [ -f "/sbin/openrc" ]'
name: "Save /etc/machine-id for openrc systems"
commands:
- |
mkdir -p /var/lib/dbus/
cp /etc/machine-id /var/lib/dbus/
fs.after:
- if: "[ ! -d /usr/local/cloud-config ]"
name: "Ensure /usr/local/cloud-config exists"
commands:
- mkdir /usr/local/cloud-config
- chmod 600 /usr/local/cloud-config
boot.before:
- name: "Mount tmp on alpine"
if: "[[ $(kairos-agent state get kairos.flavor) =~ ^alpine ]]"
commands:
- mount --make-rshared /


@ -1,11 +0,0 @@
name: "Start agent"
stages:
boot:
- if: '[ ! -f "/run/cos/recovery_mode" ] && [ -d "/usr/share/systemd" ]'
commands:
- systemctl start kairos-agent
- systemctl enable kairos-agent
initramfs:
- if: '[ ! -f "/run/cos/recovery_mode" ] && [ -d "/usr/share/systemd" ]'
commands:
- systemctl enable kairos-agent


@ -1,6 +0,0 @@
name: "Notify Kairos Plugins of Elemental Events"
stages:
initramfs:
- if: '[ ! -f "/run/cos/recovery_mode" ] && [ ! -f "/run/cos/live_mode" ]'
commands:
- kairos-agent notify agent.boot


@ -1,7 +0,0 @@
name: "Fonts fix for ubuntu"
stages:
initramfs.after:
- if: "[[ $(kairos-agent state get kairos.flavor) =~ ^ubuntu ]]"
name: "setupcon initramfs.after ubuntu"
commands:
- setupcon


@ -1,24 +0,0 @@
name: "Default network configuration"
stages:
initramfs:
- name: "Disable NetworkManager and wicked"
if: '[ -e "/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ] || [ -e "/usr/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ]'
systemctl:
disable:
- NetworkManager
- wicked
- name: "Enable systemd-network and systemd-resolved"
if: '[ -e "/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ] || [ -e "/usr/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ]'
systemctl:
enable:
- systemd-networkd
- systemd-resolved
- name: "Link /etc/resolv.conf to systemd resolv.conf"
if: '([ -e "/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ] || [ -e "/usr/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ]) && [ -f /etc/hosts ]'
commands:
- rm /etc/resolv.conf
- ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
# dns:
# path: /etc/resolv.conf
# nameservers:
# - 8.8.8.8


@ -1,131 +0,0 @@
# Rootfs Kairos OEM configuration file
#
# This file is part of Kairos and will get reset during upgrades.
# The boot assessment works in this way:
# - After we upgrade, we set a grub env sentinel variable indicating that we did run an upgrade
# - At the first boot, if we did an upgrade, we set another sentinel variable, which indicates we are trying to boot
# - If we boot fine, we remove both sentinels
# - If we get back again at the GRUB menu, a failure must have occurred and we select the fallback entry, creating also
# sentinels files and a specific cmdline option indicating we failed booting after an upgrade
name: "Boot assessment and branding"
stages:
boot.before:
# Remove any grub sentinel and add
# System sentinel to /run to indicate if we are booting after a failed upgrade.
# This needs to run only on the active partition.
# To note, we could similarly enable boot assessment always, also besides upgrades.
# In this case it is enough to reset only boot_assessment_tentative here, and set
# enable_boot_assessment to 'yes'.
# This can be then customized easily by having a cloud-config file which always enables boot assessment on
# the boot stage.
- name: "Remove GRUB sentinels"
if: |
cat /proc/cmdline | grep -q "active.img"
commands:
- |
mount -o rw,remount /run/initramfs/cos-state
grub2-editenv /run/initramfs/cos-state/boot_assessment set enable_boot_assessment=
grub2-editenv /run/initramfs/cos-state/boot_assessment set boot_assessment_tentative=
mount -o ro,remount /run/initramfs/cos-state
- name: "Create upgrade failure sentinel if necessary"
if: |
cat /proc/cmdline | grep -q "upgrade_failure"
files:
- path: /run/cos/upgrade_failure
content: "1"
permissions: 0600
owner: 0
group: 0
after-install:
# After install, reset, and upgrade, we install additional GRUB configuration for boot assessment into COS_STATE.
# We also add any branding that exists
- &statemount
name: "Mount state"
commands:
- |
STATEDIR=/tmp/mnt/STATE
STATE=$(blkid -L COS_STATE || true)
mkdir -p $STATEDIR || true
mount ${STATE} $STATEDIR
# Here we hook the boot assessment configuration to 'grubcustom'
# we do that selectively in order to just "append" eventual other configuration provided.
# XXX: maybe we should just write to /grubcustom and override any other custom grub?
- &customhook
name: "Hook boot assessment grub configuration"
if: |
! grep -q "grub_boot_assessment" /tmp/mnt/STATE/grubcustom
commands:
- |
cat << 'EOF' >> /tmp/mnt/STATE/grubcustom
set bootfile="/grub_boot_assessment"
search --no-floppy --file --set=bootfile_loc "${bootfile}"
if [ "${bootfile_loc}" ]; then
source "(${bootfile_loc})${bootfile}"
fi
EOF
# Overrides the active cmdline by adding "rd.emergency=reboot", "rd.shell=0" and "panic=5"
# so that any failure in booting initramfs or kernel loading results in a reboot.
# It loads then the boot assessment environment and overrides default boot target if
# a boot failure is detected.
# A boot is considered failed when both sentinel are present ( upgrade triggered, tentative ).
# The tentative sentinel is set after an upgrade was triggered.
# This configuration is separated so it can be tracked separately from the install hook
- &bootgrub
name: "Add boot assessment grub configuration"
files:
- path: "/tmp/mnt/STATE/grub_boot_assessment"
owner: 0
group: 0
permsisions: 0600
content: |
set extra_active_cmdline="rd.emergency=reboot rd.shell=0 panic=5 systemd.crash_reboot systemd.crash_shell=0"
set boot_assessment="/boot_assessment"
search --no-floppy --file --set=boot_assessment_blk "${boot_assessment}"
if [ "${boot_assessment_blk}" ]; then
load_env -f "(${boot_assessment_blk})${boot_assessment}"
fi
if [ "${enable_boot_assessment}" = "yes" -o "${enable_boot_assessment_always}" = "yes" ]; then
if [ -z "${selected_entry}" ]; then
if [ "${boot_assessment_tentative}" = "yes" ]; then
set default="fallback"
set extra_passive_cmdline="upgrade_failure"
else
set boot_assessment_tentative="yes"
save_env -f "(${boot_assessment_blk})${boot_assessment}" boot_assessment_tentative
fi
fi
fi
- &grubinstall
name: "Grub branding"
if: '[ -e "/etc/kairos/branding/grubmenu.cfg" ]'
commands:
- cp -rfv /etc/kairos/branding/grubmenu.cfg /tmp/mnt/STATE/grubmenu
- &stateumount
name: "umount state"
commands:
- umount /tmp/mnt/STATE
# Here we do enable boot assessment for the next bootup.
# Similarly, we could trigger boot assessment in other cases
after-upgrade:
- <<: *statemount
- name: "Set upgrade sentinel"
commands:
- |
grub2-editenv /tmp/mnt/STATE/boot_assessment set enable_boot_assessment=yes
# We do re-install hooks here if needed to track upgrades of boot assessment
- <<: *customhook
- <<: *grubinstall
- <<: *bootgrub
- <<: *stateumount
after-reset:
- <<: *statemount
# Reset completely restores COS_STATE, so we re-inject ourselves
- <<: *customhook
- <<: *grubinstall
- <<: *bootgrub
- <<: *stateumount


@ -1,33 +0,0 @@
# Rootfs Kairos OEM configuration file
#
# This file is part of Kairos and will get reset during upgrades.
name: "Default config"
stages:
boot:
- name: "Default sysctl settings"
sysctl:
net.core.rmem_max: 2500000
vm.max_map_count: 262144
initramfs:
- name: "Default systemd config"
if: '[ -e "/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ] || [ -e "/usr/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ]'
systemctl:
enable:
- multi-user.target
- getty@tty1
- iscsid
- systemd-timesyncd
- nohang
- nohang-desktop
- fail2ban
- logrotate.timer
- sshd
mask:
- purge-kernels
commands:
- systemctl set-default multi-user.target
- name: "Generate host keys"
# Make sure the host always has available keys
commands:
- ssh-keygen -A


@ -1,55 +0,0 @@
name: "Default user, permissions and serial login"
stages:
initramfs:
- name: "Setup groups"
ensure_entities:
- entity: |
kind: "group"
group_name: "admin"
password: "x"
gid: 900
- name: "Setup users"
users:
kairos:
passwd: "!"
shell: /bin/bash
homedir: "/home/kairos"
groups:
- "admin"
- name: "Set user password if running in live or uki"
if: "[ -e /run/cos/live_mode ] || [ -e /run/cos/uki_mode ]"
users:
kairos:
passwd: "kairos"
- name: "Setup sudo"
files:
- path: "/etc/sudoers"
owner: 0
group: 0
permsisions: 0600
content: |
Defaults always_set_home
Defaults secure_path="/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/bin:/usr/local/sbin"
Defaults env_reset
Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_ATIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE"
Defaults !insults
root ALL=(ALL) ALL
%admin ALL=(ALL) NOPASSWD: ALL
#includedir /etc/sudoers.d
commands:
- passwd -l root
- name: "Ensure runtime permission"
if: '[ -e "/oem" ]'
commands:
- chown -R root:admin /oem
- chmod 770 /oem
- name: "Ensure runtime permission"
if: '[ -e "/usr/local/cloud-config" ]'
commands:
- chown -R root:admin /usr/local/cloud-config
- chmod 770 /usr/local/cloud-config
- name: "Enable serial login for alpine" # https://wiki.alpinelinux.org/wiki/Enable_Serial_Console_on_Boot
if: '[ -e /sbin/rc-service ]'
commands:
- sed -i -e 's/ttyS0.*//g' /etc/inittab
- echo "ttyS0::respawn:/sbin/getty -L ttyS0 115200 vt100" >> /etc/inittab


@ -1,15 +0,0 @@
name: "Kcrypt"
stages:
after-upgrade:
- name: "Update plugins"
if: "[ $(kairos-agent state get oem.found) == 'true' ]"
commands:
- |
STATEDIR=/tmp/mnt/OEM
OEM=$(kairos-agent state get oem.name)
mkdir -p $STATEDIR || true
mount ${OEM} $STATEDIR
if [ -d "$STATEDIR/system/discovery" ]; then
cp -rfv /system/discovery/* $STATEDIR/system/discovery
fi
umount $STATEDIR


@ -1,8 +0,0 @@
name: "c3os sentinel migration"
stages:
fs.after:
- name: "Rename sentinel dir"
if: '[ -d "/usr/local/.c3os" ]'
commands:
- |
mv /usr/local/.c3os /usr/local/.kairos


@ -1,17 +0,0 @@
name: "sysext"
stages:
fs.after:
- name: "Default sysext extensions dirs"
if: '[ -e "/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ] || [ -e "/usr/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ]'
directories:
- path: /etc/extensions
- path: /run/extensions
- path: /var/lib/extensions
- path: /usr/lib/extensions
- path: /usr/local/lib/extensions
initramfs:
- name: "systemd-sysext initramfs settings"
if: '[ -e "/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ] || [ -e "/usr/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ]'
systemctl:
enable:
- systemd-sysext


@ -1,20 +0,0 @@
name: "Root autologin"
stages:
initramfs:
- if: |
[ ! $(cat /proc/cmdline | grep -q "interactive-install") ] && \
[ -f /run/cos/live_mode ] && \
( [ -e "/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ] || [ -e "/usr/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ] )
files:
- path: /etc/systemd/system/serial-getty@ttyS0.service.d/override.conf
content: |
[Service]
ExecStart=
ExecStart=-/sbin/agetty --autologin root --noclear %I $TERM
permissions: 0644
- path: /etc/systemd/system/getty@tty1.service.d/override.conf
content: |
[Service]
ExecStart=
ExecStart=-/sbin/agetty --autologin root --noclear %I $TERM
permissions: 0644


@ -1,10 +0,0 @@
name: "SELinux"
stages:
initramfs:
- name: "Relabelling"
if: |
cat /proc/cmdline | grep "selinux=1"
commands:
- |
load_policy -i
restorecon -R -i -v /etc /root /opt /srv /var /home /usr/local /oem


@ -1,25 +0,0 @@
name: "Enable QEMU tools"
stages:
boot:
- name: "Enable QEMU"
if: |
grep -iE "qemu|kvm|Virtual Machine" /sys/class/dmi/id/product_name && [ -e /sbin/rc-service ]
commands:
- rc-service qemu-guest-agent start
- name: "Enable QEMU"
if: |
grep -iE "qemu|kvm|Virtual Machine" /sys/class/dmi/id/product_name && \
( [ -e "/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ] || [ -e "/usr/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ] )
commands:
- systemctl start qemu-guest-agent
- name: "Enable VBOX"
if: |
grep -iE "Virtualbox" /sys/class/dmi/id/product_name && [ -e /sbin/rc-service ]
commands:
- rc-service open-vm-tools start
- name: "Enable V"
if: |
grep -iE "Virtualbox" /sys/class/dmi/id/product_name && \
( [ -e "/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ] || [ -e "/usr/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ] )
commands:
- systemctl start vmtoolsd


@ -1,7 +0,0 @@
stages:
initramfs.before:
- name: "Setup hybrid cgroups"
if: '[ -e /sbin/rc-service ]'
commands:
- echo 'rc_cgroup_mode="hybrid"' >> /etc/rc.conf
- echo 'rc_cgroup_controllers="cpuset cpu io memory hugetlb pids"' >> /etc/rc.conf


@ -1,6 +0,0 @@
stages:
initramfs.before:
- name: "Blacklist bpfilter on Alpine ( bug: https://github.com/kairos-io/kairos/issues/277 )"
if: '[ -e /sbin/rc-service ]'
commands:
- echo "install bpfilter /bin/false" > /etc/modprobe.d/blacklist_bpfilter.conf


@ -1,6 +0,0 @@
stages:
boot.before:
- name: "Setup higher limit for open files"
if: '[ -e /sbin/rc-service ]'
commands:
- echo 'rc_ulimit="-n 1048576"' >> /etc/rc.conf


@ -1,11 +0,0 @@
stages:
initramfs.before:
# For debian based distributions, /etc/hosts is present but empty. This is because the file
# is populated when running the configuration. For those cases we insert a record so it can be
# manipulated later on by yip's hostname plugin
# Read more: https://wiki.debian.org/ConfigPackages
- name: "Make sure hosts file is present and includes a record for 127.0.0.1"
if: |
! [[ -f /etc/hosts ]] || ! [[ $(grep '127.0.0.1' /etc/hosts) ]]
commands:
- echo '127.0.0.1\tlocalhost' >> /etc/hosts


@ -1,28 +0,0 @@
name: "Start recovery on tty1"
stages:
initramfs:
- name: "Starts kairos-recovery and generate a temporary pass"
if: |
cat /proc/cmdline | grep -q "kairos.remote_recovery_mode"
commands:
- systemctl disable getty@tty1
- systemctl enable kairos-recovery
# Starts installer on boot in Alpine and openRC based
- name: "Starts kairos-recovery with openRC-based systems"
if: |
[ -f "/etc/inittab" ] && \
( cat /proc/cmdline | grep -q "kairos.remote_recovery_mode" )
commands:
- sed -i -e 's/tty1.*//g' /etc/inittab
- echo "tty1::respawn:/usr/bin/kairos-agent recovery" >> /etc/inittab
boot:
- name: "Recovery"
if: '[ -f "/run/cos/recovery_mode" ]'
hostname: "cos-recovery"
commands:
- |
source /etc/os-release
echo >> /etc/issue
echo "You are booting from recovery mode. Run 'kairos-agent reset' to reset the system to $VERSION" >> /etc/issue
echo " or 'kairos-agent upgrade' to upgrade the active partition" >> /etc/issue
echo >> /etc/issue


@ -1,17 +0,0 @@
name: "Start reset on tty1"
stages:
initramfs:
- name: "Starts kairos-reset"
if: |
cat /proc/cmdline | grep -q "kairos.reset"
commands:
- systemctl disable getty@tty1
- systemctl enable kairos-reset
# Starts installer on boot in Alpine and openRC based
- name: "Starts kairos-reset with openRC-based systems"
if: |
[ -f "/etc/inittab" ] && \
( cat /proc/cmdline | grep -q "kairos.reset" )
commands:
- sed -i -e 's/tty1.*//g' /etc/inittab
- echo "tty1::respawn:/usr/bin/kairos-agent reset" >> /etc/inittab


@ -1,35 +0,0 @@
name: "Start installer on tty1"
stages:
initramfs:
- if: |
cat /proc/cmdline | grep -q "nodepair.enable"
commands:
- systemctl disable getty@tty1
- systemctl enable kairos
- systemctl enable kairos-webui
# Starts installer on boot in Alpine and openRC based
- if: |
cat /proc/cmdline | grep -q "nodepair.enable"
commands:
- sed -i -e 's/tty1.*//g' /etc/inittab
- echo "tty1::respawn:/usr/bin/kairos-agent install" >> /etc/inittab
- if: |
cat /proc/cmdline | grep -q "interactive-install"
commands:
- systemctl disable getty@tty1
- systemctl enable kairos-interactive
# Starts installer on boot in Alpine and openRC based
- if: |
cat /proc/cmdline | grep -q "interactive-install"
commands:
- sed -i -e 's/tty1.*//g' /etc/inittab
- echo "tty1::respawn:/usr/bin/kairos-agent interactive-install --shell" >> /etc/inittab
boot:
- if: |
[ "$(kairos-agent state get boot)" == "livecd_boot" ] && [ -f "/sbin/openrc" ]
commands:
- rc-service kairos-webui start
- if: |
[ "$(kairos-agent state get boot)" == "livecd_boot" ] && [ -d "/usr/share/systemd" ]
commands:
- systemctl start kairos-webui


@ -1,13 +0,0 @@
KAIROS_NAME="${OS_NAME}"
KAIROS_VERSION="${OS_VERSION}"
KAIROS_ID="${OS_ID}"
KAIROS_ID_LIKE="${OS_NAME}"
KAIROS_VERSION_ID="${OS_VERSION}"
KAIROS_PRETTY_NAME="${OS_NAME} ${OS_VERSION}"
KAIROS_BUG_REPORT_URL="${BUG_REPORT_URL}"
KAIROS_HOME_URL="${HOME_URL}"
KAIROS_IMAGE_REPO="${OS_REPO}"
KAIROS_IMAGE_LABEL="${OS_LABEL}"
KAIROS_GITHUB_REPO="${GITHUB_REPO}"
KAIROS_VARIANT="${VARIANT}"
KAIROS_FLAVOR="${FLAVOR}"