update and change sysrepo persistency
In sysrepo commit c226ab1 (November 2020), some fields in the internal
sysrepo-monitoring module were renamed from pid to cid without a
revision bump of that module. If a post-November sysrepo ever runs on a
system with pre-November YANG module, sysrepo operations fail with this
error:
Failed to find "cid" as a sibling to "sysrepo-monitoring:datastore".
...and we started hitting just that in our lab. Given that sysrepo
upstream strongly suggests only ever touching the repository content via
`sysrepocfg`, let's make sure that we follow their suggestion and save
data via `sysrepofg -X` and load them via `sysrepocfg -I`.
This required some dance in order to not break Netopeer's
initialization. I split its provisioning setup in two halves, so that it
installs YANG files (and enables all required features) first, then we
can inject the configuration, and then
Right now this means that we regenerate the NETCONF SSH host key during
each and every boot, but that's only a performance penalty since we
immediately overwrite that configuration via the version stored during
last boot. Still, it would be nice to fit that later.
Change-Id: Ib2060ea850d1121d5025183b6c5b17d8962f435b
Bug: https://tree.taiga.io/project/jktjkt-netconf-cli/issue/206
Bug: https://github.com/sysrepo/sysrepo/issues/2280
diff --git a/package/cla-sysrepo/cla-appliance.service.in b/package/cla-sysrepo/cla-appliance.service.in
index 8058606..0d5e8f3 100644
--- a/package/cla-sysrepo/cla-appliance.service.in
+++ b/package/cla-sysrepo/cla-appliance.service.in
@@ -1,9 +1,9 @@
[Unit]
Description=CzechLight __MODEL__ driver
-After=syslog.target network.target czechlight-install-yang.service
+After=syslog.target network.target czechlight-install-yang.service cfg-restore-sysrepo.service
Before=rauc-mark-good.service
PartOf=netopeer2.service
-Requires=czechlight-install-yang.service
+Requires=czechlight-install-yang.service cfg-restore-sysrepo.service
StartLimitIntervalSec=0
ConditionKernelCommandLine=czechlight=__MODEL__
diff --git a/package/cla-sysrepo/czechlight-install-yang.service b/package/cla-sysrepo/czechlight-install-yang.service
index 21deb1a..83cdf0d 100644
--- a/package/cla-sysrepo/czechlight-install-yang.service
+++ b/package/cla-sysrepo/czechlight-install-yang.service
@@ -1,8 +1,8 @@
[Unit]
Description=Install CzechLight YANG models
-After=netopeer2-setup.service cfg.mount
-Requires=netopeer2-setup.service cfg.mount
-Before=netopeer2.service
+After=netopeer2-install-yang.service cfg.mount
+Requires=netopeer2-install-yang.service cfg.mount
+Before=netopeer2.service cfg-restore-sysrepo.service
[Service]
Type=oneshot
diff --git a/package/cla-sysrepo/czechlight-install-yang.sh b/package/cla-sysrepo/czechlight-install-yang.sh
index 38e4c95..46191db 100755
--- a/package/cla-sysrepo/czechlight-install-yang.sh
+++ b/package/cla-sysrepo/czechlight-install-yang.sh
@@ -99,5 +99,5 @@
sysrepoctl --change czechlight-lldp --permissions 0664 --apply
fi
-mkdir -p /cfg/etc/sysrepo/
-cp -a /etc/sysrepo/data /etc/sysrepo/yang /cfg/etc/sysrepo/
+# If not do not copy here from startup -> running, running might be stale.
+sysrepocfg -C startup
diff --git a/package/czechlight-cfg-fs/cfg-restore-sysrepo.service b/package/czechlight-cfg-fs/cfg-restore-sysrepo.service
new file mode 100644
index 0000000..c990d56
--- /dev/null
+++ b/package/czechlight-cfg-fs/cfg-restore-sysrepo.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=Restore sysrepo startup datastore from /cfg
+After=netopeer2-install-yang.service czechlight-install-yang.service cfg.mount
+Requires=netopeer2-install-yang.service czechlight-install-yang.service cfg.mount
+Before=netopeer2-setup.service netopeer2.service sysrepo-persistent-cfg.service
+ConditionPathExists=/cfg/sysrepo/startup.json
+
+[Service]
+Type=oneshot
+ExecStart=/bin/sysrepocfg -d startup -f json --import=/cfg/sysrepo/startup.json
+ExecStart=/bin/sysrepocfg -C startup
+
+[Install]
+WantedBy=multi-user.target
diff --git a/package/czechlight-cfg-fs/czechlight-cfg-fs.mk b/package/czechlight-cfg-fs/czechlight-cfg-fs.mk
index c9d1c57..dc459c9 100644
--- a/package/czechlight-cfg-fs/czechlight-cfg-fs.mk
+++ b/package/czechlight-cfg-fs/czechlight-cfg-fs.mk
@@ -28,6 +28,10 @@
$(BR2_EXTERNAL_CZECHLIGHT_PATH)/package/czechlight-cfg-fs/sysrepo-persistent-cfg.service \
$(TARGET_DIR)/usr/lib/systemd/system/
ln -sf ../sysrepo-persistent-cfg.service $(TARGET_DIR)/usr/lib/systemd/system/multi-user.target.wants/
+ $(INSTALL) -D -m 0644 \
+ $(BR2_EXTERNAL_CZECHLIGHT_PATH)/package/czechlight-cfg-fs/cfg-restore-sysrepo.service \
+ $(TARGET_DIR)/usr/lib/systemd/system/
+ ln -sf ../cfg-restore-sysrepo.service $(TARGET_DIR)/usr/lib/systemd/system/multi-user.target.wants/
$(endif)
$(ifeq ($(CZECHLIGHT_CFG_FS_PERSIST_KEYS),y))
mkdir -p $(TARGET_DIR)/usr/lib/systemd/system/multi-user.target.wants/
diff --git a/package/czechlight-cfg-fs/sysrepo-persistent-cfg.service b/package/czechlight-cfg-fs/sysrepo-persistent-cfg.service
index 598d792..8f2642c 100644
--- a/package/czechlight-cfg-fs/sysrepo-persistent-cfg.service
+++ b/package/czechlight-cfg-fs/sysrepo-persistent-cfg.service
@@ -5,4 +5,5 @@
[Service]
Type=simple
-ExecStart=/bin/sh -c 'while true; do inotifywait -e CLOSE_WRITE /etc/sysrepo/data/*.startup && mkdir -p /cfg/etc/sysrepo/data/ && cp -a /etc/sysrepo/data/*.startup /cfg/etc/sysrepo/data/; done'
+UMask=0077
+ExecStart=/bin/sh -c 'while true; do inotifywait -e CLOSE_WRITE /etc/sysrepo/data/*.startup && mkdir -p /cfg/sysrepo/ && sysrepocfg -d startup -f json -X > /cfg/sysrepo/startup.json; done'
diff --git a/package/czechlight-rauc/rauc-hook.sh b/package/czechlight-rauc/rauc-hook.sh
index 55d82b9..2899d4f 100755
--- a/package/czechlight-rauc/rauc-hook.sh
+++ b/package/czechlight-rauc/rauc-hook.sh
@@ -10,6 +10,7 @@
etc \
journald-remote \
random-seed \
+ sysrepo \
ssh-user-auth \
; do
if [[ -d /cfg/${ITEM} || -f /cfg/${ITEM} ]]; then
@@ -34,6 +35,12 @@
# No more netopeer2-keystored, different config
rm -rf ${RAUC_SLOT_MOUNT_POINT}/etc/keystored
echo "sysrepo configuration not preserved"
+elif [[ -d /cfg/etc/sysrepo ]]; then
+ # switch from "persisting whole /etc/sysrepo" to "exporting config via JSON"
+ rm -rf ${RAUC_SLOT_MOUNT_POINT}/etc/sysrepo
+ umask 0077
+ mkdir ${RAUC_SLOT_MOUNT_POINT}/sysrepo
+ sysrepocfg -d startup -f json -X > ${RAUC_SLOT_MOUNT_POINT}/sysrepo/startup.json
fi
exit 0
diff --git a/package/lldp-systemd-networkd-sysrepo/lldp-systemd-networkd-sysrepo.service b/package/lldp-systemd-networkd-sysrepo/lldp-systemd-networkd-sysrepo.service
index aec9176..69cfad0 100644
--- a/package/lldp-systemd-networkd-sysrepo/lldp-systemd-networkd-sysrepo.service
+++ b/package/lldp-systemd-networkd-sysrepo/lldp-systemd-networkd-sysrepo.service
@@ -1,7 +1,7 @@
[Unit]
Description=lldp-systemd-networkd-sysrepo is a sysrepo application announcing LLDP neighbours from systemd-networkd.
-After=syslog.target network.target czechlight-install-yang.service
-Requires=czechlight-install-yang.service
+After=syslog.target network.target czechlight-install-yang.service cfg-restore-sysrepo.service
+Requires=czechlight-install-yang.service cfg-restore-sysrepo.service
PartOf=netopeer2.service
[Service]
diff --git a/submodules/buildroot b/submodules/buildroot
index 71f622b..386283e 160000
--- a/submodules/buildroot
+++ b/submodules/buildroot
@@ -1 +1 @@
-Subproject commit 71f622b823fdd65f77a1195b06c382870872cfeb
+Subproject commit 386283e33b83e6a1956f5c1a68196d6cdd6fead9