From 633eecc6aa7e44d1dc42d2268b0d9738f60977b1 Mon Sep 17 00:00:00 2001 From: bakhtin Date: Wed, 8 Jan 2025 12:43:25 +0000 Subject: [PATCH 1/3] v2 bug fixes Signed-off-by: bakhtin --- .../files/cvm-reverse-proxy-client-init | 2 +- .../files/cvm-reverse-proxy-server-init | 2 +- recipes-core/date-sync/init | 2 +- .../disk-encryption/disk-encryption.bb | 4 +-- recipes-core/disk-encryption/init | 32 +++++++++++++------ recipes-core/system-api/files/system-api-init | 2 +- 6 files changed, 29 insertions(+), 15 deletions(-) diff --git a/recipes-core/cvm-reverse-proxy-client/files/cvm-reverse-proxy-client-init b/recipes-core/cvm-reverse-proxy-client/files/cvm-reverse-proxy-client-init index 6664d28..bc19329 100644 --- a/recipes-core/cvm-reverse-proxy-client/files/cvm-reverse-proxy-client-init +++ b/recipes-core/cvm-reverse-proxy-client/files/cvm-reverse-proxy-client-init @@ -27,7 +27,7 @@ log() { echo -n "$(date): " } fi - echo "$(date_log)$1" | tee -a $SYSTEM_API_FIFO + echo "$(date_log)$1" >&2 | tee -a $SYSTEM_API_FIFO } start() { diff --git a/recipes-core/cvm-reverse-proxy-server/files/cvm-reverse-proxy-server-init b/recipes-core/cvm-reverse-proxy-server/files/cvm-reverse-proxy-server-init index 0b92f8d..1b3892f 100644 --- a/recipes-core/cvm-reverse-proxy-server/files/cvm-reverse-proxy-server-init +++ b/recipes-core/cvm-reverse-proxy-server/files/cvm-reverse-proxy-server-init @@ -27,7 +27,7 @@ log() { echo -n "$(date): " } fi - echo "$(date_log)$1" | tee -a $SYSTEM_API_FIFO + echo "$(date_log)$1" >&2 | tee -a $SYSTEM_API_FIFO } start() { diff --git a/recipes-core/date-sync/init b/recipes-core/date-sync/init index 792ce3e..022b437 100644 --- a/recipes-core/date-sync/init +++ b/recipes-core/date-sync/init @@ -29,7 +29,7 @@ log() { echo -n "$(date --iso-8601=seconds): " } fi - echo "$(date_log)$1" | tee -a $SYSTEM_API_FIFO + echo "$(date_log)$1" >&2 | tee -a $SYSTEM_API_FIFO } monitor_and_restart() { diff --git a/recipes-core/disk-encryption/disk-encryption.bb b/recipes-core/disk-encryption/disk-encryption.bb index 3261df5..10cb4ed 100644 --- a/recipes-core/disk-encryption/disk-encryption.bb +++ b/recipes-core/disk-encryption/disk-encryption.bb @@ -46,8 +46,8 @@ do_install() { # Create environment file for init service install -d ${D}${sysconfdir}/default ${D}${sysconfdir}/disk-encryption echo "TARGET_LUN=${TARGET_LUN} - DISK_ENCRYPTION_KEY_STORAGE=${DISK_ENCRYPTION_KEY_STORAGE}" > ${D}${sysconfdir}/default/disk-encryption - if [ "$DISK_ENCRYPTION_KEY_STORAGE" = "file" ]; then +DISK_ENCRYPTION_KEY_STORAGE=${DISK_ENCRYPTION_KEY_STORAGE}" > ${D}${sysconfdir}/default/disk-encryption + if [ "${DISK_ENCRYPTION_KEY_STORAGE}" = "file" ]; then echo "DISK_ENCRYPTION_KEY_FILE=/etc/disk-encryption/key" >> ${D}${sysconfdir}/default/disk-encryption install -m 0644 ${WORKDIR}/disk-encryption-key.mustache ${D}${sysconfdir}/disk-encryption/key.mustache fi diff --git a/recipes-core/disk-encryption/init b/recipes-core/disk-encryption/init index 9292f91..5322bf1 100644 --- a/recipes-core/disk-encryption/init +++ b/recipes-core/disk-encryption/init @@ -1,5 +1,5 @@ #!/bin/sh -set -eux -o pipefail +set -eu -o pipefail ### BEGIN INIT INFO # Provides: disk-encryption @@ -34,20 +34,33 @@ log() { echo -n "$(date): " } fi - echo "$(date_log)$1" | tee -a $SYSTEM_API_FIFO $LOGFILE + echo "$(date_log)$1" >&2 | tee -a $SYSTEM_API_FIFO $LOGFILE } find_target_disk() { local target_path + local attempt=0 + local max_attempts=30 + local wait_interval=10 + + # Try to find disk by LUN with retries + while [ $attempt -lt $max_attempts ]; do + target_path=$(readlink -f /dev/disk/by-path/*scsi-0:0:0:${TARGET_LUN} 2>/dev/null || true) + + if [ -n "$target_path" ] && [ -b "$target_path" ]; then + log "Found target disk at ${target_path} using LUN ${TARGET_LUN}" + echo "$target_path" + return 0 + fi - # First try to find disk by LUN - target_path=$(readlink -f /dev/disk/by-path/*scsi-0:0:0:${TARGET_LUN} 2>/dev/null || true) + attempt=$((attempt + 1)) + if [ $attempt -lt $max_attempts ]; then + log "Attempt ${attempt}/${max_attempts}: Waiting ${wait_interval} seconds for target disk to become available..." + sleep $wait_interval + fi + done - if [ -n "$target_path" ] && [ -b "$target_path" ]; then - log "Found target disk at ${target_path} using LUN ${TARGET_LUN}" - echo "$target_path" - return 0 - fi + log "Target disk not found after ${max_attempts} attempts, falling back to largest disk detection" # Fallback: Simply find largest disk local largest_disk @@ -167,6 +180,7 @@ start() { fi log "Using disk: ${TARGET_DISK}" + exit_code=0 KEY=$(get_key) || exit_code=$? if [ $exit_code -ne 0 ] || [ -z "$KEY" ]; then if [ "$DISK_ENCRYPTION_KEY_STORAGE" = "tpm2" ]; then diff --git a/recipes-core/system-api/files/system-api-init b/recipes-core/system-api/files/system-api-init index cd55ba3..944bd5a 100644 --- a/recipes-core/system-api/files/system-api-init +++ b/recipes-core/system-api/files/system-api-init @@ -27,7 +27,7 @@ log() { echo -n "$(date): " } fi - echo "$(date_log)$1" | tee -a $SYSTEM_API_FIFO + echo "$(date_log)$1" >&2 | tee -a $SYSTEM_API_FIFO } start() { From 96b9b7da4d295270f5966a8c8095817f9ae4199f Mon Sep 17 00:00:00 2001 From: bakhtin Date: Wed, 8 Jan 2025 19:09:26 +0000 Subject: [PATCH 2/3] Fix system-api-fake-fifo Signed-off-by: bakhtin --- .../system-api-fake-fifo/{init => system-api-fake-fifo} | 0 recipes-core/system-api-fake-fifo/system-api-fake-fifo.bb | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) rename recipes-core/system-api-fake-fifo/{init => system-api-fake-fifo} (100%) diff --git a/recipes-core/system-api-fake-fifo/init b/recipes-core/system-api-fake-fifo/system-api-fake-fifo similarity index 100% rename from recipes-core/system-api-fake-fifo/init rename to recipes-core/system-api-fake-fifo/system-api-fake-fifo diff --git a/recipes-core/system-api-fake-fifo/system-api-fake-fifo.bb b/recipes-core/system-api-fake-fifo/system-api-fake-fifo.bb index b844244..c659b75 100644 --- a/recipes-core/system-api-fake-fifo/system-api-fake-fifo.bb +++ b/recipes-core/system-api-fake-fifo/system-api-fake-fifo.bb @@ -4,7 +4,7 @@ LICENSE = "CLOSED" FILESEXTRAPATHS:prepend := "${THISDIR}:" -SRC_URI += "file://init" +SRC_URI += "file://system-api-fake-fifo" INITSCRIPT_NAME = "system-api-fake-fifo" INITSCRIPT_PARAMS = "defaults 60" From e756537005544f0a30ca7cac8fed64325d9d6e68 Mon Sep 17 00:00:00 2001 From: bakhtin Date: Thu, 9 Jan 2025 13:19:45 +0000 Subject: [PATCH 3/3] system-api fixes Signed-off-by: bakhtin --- recipes-core/system-api/files/system-api-init | 8 +++++--- .../system-api/files/systemapi-config.toml.mustache | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/recipes-core/system-api/files/system-api-init b/recipes-core/system-api/files/system-api-init index 944bd5a..9146188 100644 --- a/recipes-core/system-api/files/system-api-init +++ b/recipes-core/system-api/files/system-api-init @@ -32,17 +32,19 @@ log() { start() { mkdir -p /persistent/rbuilder /persistent/system-api - mv $SYSTEM_API_FIFO $SYSTEM_API_FIFO.bak log "Starting $NAME" - start-stop-daemon -S --make-pidfile -p $PIDFILE -m -b -a $DAEMON -- $DAEMON_ARGS > $LOGFILE 2>&1 + mv $SYSTEM_API_FIFO $SYSTEM_API_FIFO.bak + start-stop-daemon -S --make-pidfile -p $PIDFILE -m -b --exec /bin/sh -- -c "exec $DAEMON $DAEMON_ARGS >> $LOGFILE 2>&1" # Wait for the service to start sleep 2 cat $SYSTEM_API_FIFO.bak > $SYSTEM_API_FIFO - rm $SYSTEM_API_FIFO.bak + rm -f $SYSTEM_API_FIFO.bak + chmod 644 $LOGFILE log "Started $NAME" } stop() { + rm -f $SYSTEM_API_FIFO log "Stopping $NAME" start-stop-daemon --stop --quiet --pidfile $PIDFILE rm -f $PIDFILE diff --git a/recipes-core/system-api/files/systemapi-config.toml.mustache b/recipes-core/system-api/files/systemapi-config.toml.mustache index 0e11e61..c8d4b28 100644 --- a/recipes-core/system-api/files/systemapi-config.toml.mustache +++ b/recipes-core/system-api/files/systemapi-config.toml.mustache @@ -16,7 +16,7 @@ basic_auth_secret_salt = "1_drink_coffee:|" # TLS configuration tls_enabled = true tls_create_if_missing = true -tls_cert_hosts = "127.0.0.1,localhost,{{public_ip}},{{dns_name}}" +tls_cert_hosts = ["127.0.0.1,localhost,{{public_ip}},{{dns_name}}"] tls_cert_path = "/persistent/system-api/cert.pem" tls_key_path = "/persistent/system-api/key.pem"