Refactor build

framework/files/etc/luet/luet.yaml

@@ -0,0 +1,12 @@
+logging:
+  color: false
+  enable_emoji: false
+general:
+   debug: false
+   spinner_charset: 9
+repositories:
+- name: "cos-toolkit-green"
+  type: "docker"
+  enable: true
+  urls:
+  - "quay.io/costoolkit/releases-green"

framework/files/etc/systemd/system/multi-user.target.wants/rancherd.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/rancherd.service

framework/files/etc/systemd/system/multi-user.target.wants/sshd.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/sshd.service

framework/files/etc/systemd/system/rancherd.service.d/override.conf

@@ -0,0 +1,3 @@
+[Unit]
+ConditionPathExists=!/run/cos/live_mode
+ConditionPathExists=!/run/cos/rescue_mode

framework/files/system/oem/00_ros-rootfs.yaml

@@ -0,0 +1,67 @@
+name: "ROS Rootfs Layout Settings"
+stages:
+  initramfs:
+    - if: '[ ! -f /run/cos/recovery_mode ]'
+      commands:
+      - |
+        target=/usr/local/.ros-state
+
+        # Always want the latest update of systemd conf from the image
+        mkdir -p ${target}/etc/systemd/
+        rsync -av /etc/systemd/ ${target}/etc/systemd/
+
+        if [ ! -e /usr/local/etc/hostname ]; then
+          echo rancher-${RANDOM} > /usr/local/etc/hostname
+        fi
+        ln -sf /usr/local/etc/hostname /etc/hostname
+
+        # Only populate ssh conf once
+        if [ ! -e ${target}/etc/ssh ]; then
+          mkdir -p ${target}/etc/ssh/
+          rsync -a /etc/ssh/ ${target}/etc/ssh/
+        fi
+
+        sed -i '/overlay \/home /d' /etc/fstab
+        sed -i '/overlay \/opt /d' /etc/fstab
+        nsenter -m -t 1 -- umount /sysroot/home
+        nsenter -m -t 1 -- umount /sysroot/opt
+
+        # setup directories as persistent
+        for i in root opt home var/lib/rancher var/lib/kubelet etc/systemd etc/rancher etc/ssh usr/libexec var/log var/lib/wicked; do
+          mkdir -p ${target}/$i /$i
+          nsenter -m -t 1 -- mount /sysroot${target}/$i /sysroot/$i -t none -o bind
+        done
+
+        # This is hidden so that if you run some selinux label checking or relabeling the bind
+        # mount won't screw up things.  If you have two files at different paths they will get
+        # labeled with two different labels.
+        mkdir -p ${target}/empty
+        nsenter -m -t 1 -- mount /sysroot${target}/empty /sysroot${target} -o bind,ro
+
+        # ensure /var/log/journal exists so it's labeled correctly
+        nsenter -m -t 1 -- mkdir -p /sysroot/var/log/journal
+  initramfs.after:
+    - if: '[ ! -f /run/cos/recovery_mode ]'
+      commands:
+      - restorecon -R -v /etc /home /opt /var /usr/local /tmp /srv /root
+  fs.before:
+    - name: "Pull data from provider (local)"
+      datasource:
+        providers: ["aws", "gcp", "openstack", "cdrom"]
+        path: "/oem"
+    - if: '[ ! -f /run/cos/recovery_mode ]'
+      commands:
+      - restorecon -R -v /etc /home /opt /var /usr/local /tmp /srv /root
+  rootfs.after:
+    - if: '[ ! -f /run/cos/recovery_mode ] && [ ! -f /run/cos/live_mode ]'
+      name: "Grow persistent"
+      layout:
+        device:
+          label: COS_PERSISTENT
+        expand_partition:
+          size: 0
+  fs.before:
+    - if: '[ ! -f "/run/cos/recovery_mode" ] && [ ! -f /run/cos/live_mode ]'
+      name: "Grow persistent fs"
+      commands:
+      - resize2fs $(blkid -L COS_PERSISTENT)

framework/files/system/oem/04_accounting.yaml

@@ -0,0 +1,16 @@
+name: "Default user"
+stages:
+  initramfs:
+  - if: |
+          cat /proc/cmdline | grep -q "CDLABEL"
+    name: "Setup user for live CD"
+    files:
+    - path: /etc/issue.d/99_passwd
+      content: |
+        Login with username=root, password=cos
+    ensure_entities:
+    - path: /etc/shadow
+      entity: |
+        kind: "shadow"
+        username: "root"
+        password: "cos"

framework/files/system/oem/05_elemental-installer.yaml

@@ -0,0 +1,23 @@
+name: "Elemental Installer"
+stages:
+  initramfs:
+  - if: '[ -f /run/cos/live_mode ]'
+    files:
+    - path: /etc/motd
+      content: |
+
+        Run "ros-installer" to install to disk
+         
+      permissions: 0644
+    - path: /etc/systemd/system/serial-getty@ttyS0.service.d/override.conf
+      content: |
+        [Service]
+        ExecStart=
+        ExecStart=-/sbin/agetty --autologin root --noclear %I $TERM
+      permissions: 0644
+    - path: /etc/systemd/system/getty@tty1.service.d/override.conf
+      content: |
+        [Service]
+        ExecStart=
+        ExecStart=-/sbin/agetty --autologin root --noclear %I $TERM
+      permissions: 0644

framework/files/usr/sbin/self-upgrade

@@ -0,0 +1,5 @@
+#!/bin/bash
+set -e -x
+source /usr/lib/rancheros-release
+cos-upgrade --no-verify --docker-image "${IMAGE}"
+reboot

framework/files/usr/sbin/suc-upgrade

@@ -0,0 +1,18 @@
+#!/bin/bash
+set -x -e
+HOST_DIR="${HOST_DIR:-/host}"
+RELEASE_FILE="${RELEASE_FILE:-/etc/os-release}"
+
+if [ "$FORCE" != "true" ]; then
+    if diff $RELEASE_FILE ${HOST_DIR}${RELEASE_FILE} >/dev/null; then
+        echo Update to date with
+        cat /etc/os-release
+        exit 0
+    fi
+fi
+
+mount --rbind $HOST_DIR/dev /dev
+mount --rbind $HOST_DIR/run /run
+bash -x cos-upgrade --directory /
+nsenter -i -m -t 1 -- reboot
+exit 1