opengnsys
/
oggit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Improve installation process, make it possible to extract keys from oglive

ogrepository-fixes
Vadim vtroshchinskiy 2025-01-17 09:49:12 +01:00
parent 1d4100dcc0
commit dc59b33e8a
3 changed files with 91 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
installer/README-en.md
View File

@ -36,30 +36,24 @@ It's required to run `apt update` after creating this file
### Install packages
sudo apt install -y python3-git opengnsys-libarchive-c python3-termcolor python3-requests bsdextrautils
sudo apt install -y python3-git opengnsys-libarchive-c python3-termcolor python3-requests python3-tqdm bsdextrautils
## Add SSH Keys to oglive
## Adding SSH Keys to oglive
The Git system accesses the ogrepository via SSH. To work, it needs the oglive to have an SSH key, and the ogrepository must accept it.
The Git system accesses the ogrepository via SSH. To function, it needs the oglive to have an SSH key, and for the ogrepository to accept it.
The Git installer can make the required changes in the Forgejo configuration by extracting a key from the oglive. When invoked without arguments, it extracts the key from the default oglive. This process can also be done by hand, with:
The Git installer can make the required changes by extracting an SSH key from an oglive and installing it in Forgejo. If there is a local ogboot installation, the installer will do this automatically. If there is not, it is necessary to provide the installer with an oglive from which to extract the key using the `--oglive-file` or `--oglive-url` parameter.
./opengnsys_git_installer.py --set-ssh-key
For example:
Or to do it for a specific oglive:
./opengnsys_git_installer.py --oglive-url https://example.com/ogLive-noble.iso
./opengnsys_git_installer.py --set-ssh-key --oglive 1 # oglive number
The installer will proceed to download the file, mount the ISO, and extract the key.
Running this command automatically adds the SSH key to Forgejo.
To perform the process after completing the installation and only add a key to an existing installation, use the `--set-ssh-key` parameter:
It's also possible to specify a squashfs file, for the cases where the Git component is not installed on the same machine as ogboot. To do this, copy the squashfs image over, and run the installer with the `--squashfs-file` argument, like this:
./opengnsys_git_installer.py --set-ssh-key --oglive-url https://example.com/ogLive-noble.iso
./opengnsys_git_installer.py --set-ssh-key --squashfs-file /home/user/initrd.sqfs
The existing key can be dumped to the console with:
./opengnsys_git_installer.py --extract-ssh-key --quiet
# Running the Installer

22
installer/README.md
View File

@ -35,32 +35,24 @@ Es necesario ejecutar `apt update` después de crear el archivo.
### Instalar paquetes:
sudo apt install -y python3-git opengnsys-libarchive-c python3-termcolor python3-requests bsdextrautils
sudo apt install -y python3-git opengnsys-libarchive-c python3-termcolor python3-requests python3-tqdm bsdextrautils
## Agregar claves de SSH a oglive
El sistema de Git accede al ogrepository por SSH. Para funcionar, necesita que el oglive tenga una clave de SSH, y que el ogrepository la acepte.
El instalador de Git puede realizar los cambios requeridos, extrayendo una clave de SSH de un oglive e instalándola en Forgejo. Esto se hace por defecto cuando se ejecuta `./opengnsys_git_installer.py` sin parámetros, pero es posible hacer esta parte del proceso a mano, con:
El instalador de Git puede realizar los cambios requeridos, extrayendo una clave de SSH de un oglive e instalándola en Forgejo. Si hay una instalación de ogboot local, el instalador lo hará automáticamente. Si no la hay, es necesario darle al instalador un oglive del que extraer la clave con el parámetro `--oglive-file` o `--oglive-url`.
Por ejemplo:
./opengnsys_git_installer.py --set-ssh-key
./opengnsys_git_installer.py --oglive-url https://example.com/ogLive-noble.iso
O para hacerlo contra un oglive especifico:
El instalador procederá a descargar el archivo, montar el ISO, y extraer la clave.
./opengnsys_git_installer.py --set-ssh-key --oglive 1 # numero de oglive
Para hacer el proceso después de haber completado la instalación y solo agregar una clave a una instalación existente, usar el parámetro `--set-ssh-key`:
O contra un archivo de initrd directamente. Esto se puede usar si el sistema sobre el que se despliega el componente no es el sistema que alberga los archivos de ogboot. En este caso, basta con copiar la imagen de squashfs para que el instalador extraiga su clave.
./opengnsys_git_installer.py --set-ssh-key --squashfs-file /home/user/initrd.sqfs
Ejecutar este comando agrega la clave de SSH a Forgejo automáticamente.
La clave existente puede extraerse a la consola con:
./opengnsys_git_installer.py --extract-ssh-key --quiet
./opengnsys_git_installer.py --set-ssh-key --oglive-url https://example.com/ogLive-noble.iso
# Ejecutar

79
installer/opengnsys_git_installer.py
View File

@ -28,6 +28,7 @@ import requests
import tempfile
import hashlib
import datetime
import tqdm
#FORGEJO_VERSION="8.0.3"
FORGEJO_VERSION="9.0.3"
@ -91,6 +92,68 @@ class FakeTemporaryDirectory:
def __str__(self):
return self.name
class OgliveMounter:
"""
A class to handle mounting of Oglive images from a given URL or local file.
Attributes:
logger (logging.Logger): Logger instance for logging messages.
squashfs (str): Path to the squashfs file within the mounted Oglive image.
initrd (str): Path to the initrd image within the mounted Oglive image.
kernel (str): Path to the kernel image within the mounted Oglive image.
Methods:
__init__(url):
Initializes the OgliveMounter instance, downloads the Oglive image if URL is provided,
and mounts the image to a temporary directory.
__del__():
Unmounts the mounted directory and cleans up resources.
"""
def __init__(self, url):
self.logger = logging.getLogger("OgliveMounter")
self.mountdir = tempfile.TemporaryDirectory()
self.logger.info("Will mount oglive found at %s", url)
if url.startswith("http://") or url.startswith("https://"):
self.logger.debug("We got an URL, downloading %s", url)
self.tempfile = tempfile.NamedTemporaryFile(mode='wb')
filename = self.tempfile.name
with requests.get(url, stream=True, timeout=60) as req:
progress = tqdm.tqdm()
progress.total = int(req.headers["Content-Length"])
progress.unit_scale = True
progress.desc = "Downloading"
for chunk in req.iter_content(chunk_size=8192):
self.tempfile.write(chunk)
progress.n = progress.n + len(chunk)
progress.refresh()
progress.close()
else:
self.logger.debug("We got a filename")
filename = url
self.logger.debug("Mounting %s at %s", filename, self.mountdir.name)
subprocess.run(["/usr/bin/mount", filename, self.mountdir.name], check=True)
self.squashfs = os.path.join(self.mountdir.name, "ogclient", "ogclient.sqfs")
self.initrd = os.path.join(self.mountdir.name, "ogclient", "oginitrd.img")
self.kernel = os.path.join(self.mountdir.name, "ogclient", "ogvmlinuz")
def __del__(self):
self.logger.debug("Unmounting directory %s", self.mountdir.name)
subprocess.run(["/usr/bin/umount", self.mountdir.name], check=True)
class Oglive:
"""Interfaz a utilidad oglivecli
@ -316,9 +379,14 @@ class OpengnsysGitInstaller:
raise TimeoutError("Timed out waiting for connection!")
def add_ssh_key_from_squashfs(self, oglive_num = None, squashfs_file = None):
def add_ssh_key_from_squashfs(self, oglive_num = None, squashfs_file = None, oglive_file = None):
name = "(unknown)"
mounter = None
if not oglive_file is None:
mounter = OgliveMounter(oglive_file)
squashfs_file = mounter.squashfs
if squashfs_file is None:
if oglive_num is None:
@ -599,7 +667,6 @@ class OpengnsysGitInstaller:
self.add_forgejo_sshkey(oglive_public_key, f"Key for {ogclient} ({timestamp})")
def verify_requirements(self):
self.__logger.info("verify_requirements()")
@ -890,8 +957,12 @@ if __name__ == '__main__':
parser.add_argument('--set-ssh-key', action='store_true', help="Read SSH key from oglive squashfs and set it in Forgejo")
parser.add_argument('--extract-ssh-key-from-initrd', action='store_true', help="Extract SSH key from oglive initrd (obsolete)")
parser.add_argument('--initrd-file', metavar="FILE", help="Initrd file to extract SSH key from")
parser.add_argument('--squashfs-file', metavar="FILE", help="Squashfs file to extract SSH key from")
parser.add_argument('--oglive-file', metavar="FILE", help="Oglive file (ISO) to extract SSH key from")
parser.add_argument('--oglive-url', metavar="URL", help="URL to oglive file (ISO) to extract SSH key from")
parser.add_argument('--set-ssh-key-in-initrd', action='store_true', help="Configure SSH key in oglive (obsolete)")
parser.add_argument('--oglive', type=int, metavar='NUM', help = "Do SSH key manipulation on this oglive")
@ -930,7 +1001,7 @@ if __name__ == '__main__':
key = installer.extract_ssh_key_from_initrd(oglive_number = args.oglive, initrd_file = args.initrd_file)
print(f"{key}")
elif args.set_ssh_key:
installer.add_ssh_key_from_squashfs(oglive_num=args.oglive, squashfs_file=args.squashfs_file)
installer.add_ssh_key_from_squashfs(oglive_num=args.oglive, squashfs_file=args.squashfs_file, oglive_file = args.oglive_file or args.oglive_url)
elif args.set_ssh_key_in_initrd:
installer.set_ssh_key_in_initrd()
elif args.get_image_paths:
@ -943,7 +1014,7 @@ if __name__ == '__main__':
installer.add_forgejo_repo("linux", "Linux")
installer.add_forgejo_repo("mac", "Mac")
installer.add_ssh_key_from_squashfs(oglive_num = args.oglive, squashfs_file=args.squashfs_file)
installer.add_ssh_key_from_squashfs(oglive_num = args.oglive, squashfs_file=args.squashfs_file, oglive_file = args.oglive_file or args.oglive_url)
except RequirementException as req:
show_error(f"Requisito para la instalación no satisfecho: {req.message}")