2018-12-20 17:12:04 +00:00
|
|
|
import * as _ from 'lodash';
|
2019-03-27 13:08:04 +00:00
|
|
|
import { inspect } from 'util';
|
2022-02-10 19:26:22 +00:00
|
|
|
import { promises as fs } from 'fs';
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2020-06-02 13:29:05 +00:00
|
|
|
import * as config from './config';
|
2020-05-28 17:15:33 +00:00
|
|
|
import * as db from './db';
|
2020-06-08 12:57:31 +00:00
|
|
|
import * as logger from './logger';
|
2020-04-13 09:32:51 +00:00
|
|
|
import * as dbus from './lib/dbus';
|
2021-07-29 22:11:52 +00:00
|
|
|
import { EnvVarObject } from './types';
|
2020-08-18 18:11:36 +00:00
|
|
|
import { UnitNotLoadedError } from './lib/errors';
|
2018-12-20 17:12:04 +00:00
|
|
|
import { checkInt, checkTruthy } from './lib/validation';
|
2020-08-18 00:05:31 +00:00
|
|
|
import log from './lib/supervisor-console';
|
2020-08-18 18:11:36 +00:00
|
|
|
import * as configUtils from './config/utils';
|
|
|
|
import { SchemaTypeKey } from './config/schema-type';
|
|
|
|
import { matchesAnyBootConfig } from './config/backends';
|
2021-01-05 21:30:07 +00:00
|
|
|
import { ConfigBackend } from './config/backends/backend';
|
2020-08-18 00:05:31 +00:00
|
|
|
import { Odmdata } from './config/backends/odmdata';
|
2022-02-10 19:26:22 +00:00
|
|
|
import * as fsUtils from './lib/fs-utils';
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2020-05-06 15:47:17 +00:00
|
|
|
const vpnServiceName = 'openvpn';
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2022-02-10 19:26:22 +00:00
|
|
|
// This indicates the file on the host /tmp directory that
|
|
|
|
// marks the need for a reboot. Since reboot is only triggered for now
|
|
|
|
// by some config changes, we leave this here for now. There is planned
|
|
|
|
// functionality to allow image installs to require reboots, at that moment
|
|
|
|
// this constant can be moved somewhere else
|
|
|
|
const REBOOT_BREADCRUMB = fsUtils.getPathOnHost(
|
|
|
|
'/tmp/balena-supervisor/reboot-after-apply',
|
|
|
|
);
|
|
|
|
|
2018-12-20 17:12:04 +00:00
|
|
|
interface ConfigOption {
|
|
|
|
envVarName: string;
|
|
|
|
varType: string;
|
|
|
|
defaultValue: string;
|
|
|
|
rebootRequired?: boolean;
|
|
|
|
}
|
|
|
|
|
2019-12-18 15:58:21 +00:00
|
|
|
// FIXME: Bring this and the deviceState and
|
|
|
|
// applicationState steps together
|
|
|
|
export interface ConfigStep {
|
2018-12-20 17:12:04 +00:00
|
|
|
// TODO: This is a bit of a mess, the DeviceConfig class shouldn't
|
|
|
|
// know that the reboot action exists as it is implemented by
|
|
|
|
// DeviceState. Fix this weird circular dependency
|
2019-03-07 17:48:49 +00:00
|
|
|
action: keyof DeviceActionExecutors | 'reboot' | 'noop';
|
2018-12-20 17:12:04 +00:00
|
|
|
humanReadableTarget?: Dictionary<string>;
|
|
|
|
target?: string | Dictionary<string>;
|
|
|
|
}
|
|
|
|
|
|
|
|
interface DeviceActionExecutorOpts {
|
|
|
|
initial?: boolean;
|
|
|
|
}
|
|
|
|
|
|
|
|
type DeviceActionExecutorFn = (
|
|
|
|
step: ConfigStep,
|
|
|
|
opts?: DeviceActionExecutorOpts,
|
|
|
|
) => Promise<void>;
|
|
|
|
|
|
|
|
interface DeviceActionExecutors {
|
|
|
|
changeConfig: DeviceActionExecutorFn;
|
|
|
|
setVPNEnabled: DeviceActionExecutorFn;
|
|
|
|
setBootConfig: DeviceActionExecutorFn;
|
2022-02-10 19:26:22 +00:00
|
|
|
setRebootBreadcrumb: DeviceActionExecutorFn;
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
const actionExecutors: DeviceActionExecutors = {
|
|
|
|
changeConfig: async (step) => {
|
|
|
|
try {
|
|
|
|
if (step.humanReadableTarget) {
|
|
|
|
logger.logConfigChange(step.humanReadableTarget);
|
|
|
|
}
|
|
|
|
if (!_.isObject(step.target)) {
|
|
|
|
throw new Error('Non-dictionary value passed to changeConfig');
|
|
|
|
}
|
|
|
|
// TODO: Change the typing of step so that the types automatically
|
|
|
|
// work out and we don't need this cast to any
|
|
|
|
await config.set(step.target as { [key in SchemaTypeKey]: any });
|
|
|
|
if (step.humanReadableTarget) {
|
|
|
|
logger.logConfigChange(step.humanReadableTarget, {
|
|
|
|
success: true,
|
|
|
|
});
|
|
|
|
}
|
2022-09-19 15:08:16 +00:00
|
|
|
} catch (err: any) {
|
2020-07-08 09:50:52 +00:00
|
|
|
if (step.humanReadableTarget) {
|
|
|
|
logger.logConfigChange(step.humanReadableTarget, {
|
|
|
|
err,
|
|
|
|
});
|
|
|
|
}
|
|
|
|
throw err;
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
2020-07-08 09:50:52 +00:00
|
|
|
},
|
|
|
|
setVPNEnabled: async (step, opts = {}) => {
|
|
|
|
const { initial = false } = opts;
|
|
|
|
if (!_.isString(step.target)) {
|
|
|
|
throw new Error('Non-string value passed to setVPNEnabled');
|
|
|
|
}
|
|
|
|
const logValue = { SUPERVISOR_VPN_CONTROL: step.target };
|
|
|
|
if (!initial) {
|
|
|
|
logger.logConfigChange(logValue);
|
|
|
|
}
|
|
|
|
try {
|
|
|
|
await setVPNEnabled(step.target);
|
|
|
|
if (!initial) {
|
|
|
|
logger.logConfigChange(logValue, { success: true });
|
|
|
|
}
|
2022-09-19 15:08:16 +00:00
|
|
|
} catch (err: any) {
|
2020-07-08 09:50:52 +00:00
|
|
|
logger.logConfigChange(logValue, { err });
|
|
|
|
throw err;
|
|
|
|
}
|
|
|
|
},
|
|
|
|
setBootConfig: async (step) => {
|
|
|
|
if (!_.isObject(step.target)) {
|
|
|
|
throw new Error('Non-dictionary passed to DeviceConfig.setBootConfig');
|
|
|
|
}
|
2020-08-07 23:21:46 +00:00
|
|
|
const backends = await getConfigBackends();
|
|
|
|
for (const backend of backends) {
|
|
|
|
await setBootConfig(backend, step.target as Dictionary<string>);
|
|
|
|
}
|
2020-07-08 09:50:52 +00:00
|
|
|
},
|
2022-02-10 19:26:22 +00:00
|
|
|
setRebootBreadcrumb: async () => {
|
|
|
|
// Just create the file. The last step in the target state calculation will check
|
|
|
|
// the file and create a reboot step
|
|
|
|
await fsUtils.touch(REBOOT_BREADCRUMB);
|
|
|
|
},
|
2020-07-08 09:50:52 +00:00
|
|
|
};
|
|
|
|
|
2020-08-07 23:21:46 +00:00
|
|
|
const configBackends: ConfigBackend[] = [];
|
2020-07-08 09:50:52 +00:00
|
|
|
|
|
|
|
const configKeys: Dictionary<ConfigOption> = {
|
|
|
|
appUpdatePollInterval: {
|
|
|
|
envVarName: 'SUPERVISOR_POLL_INTERVAL',
|
|
|
|
varType: 'int',
|
2022-02-09 20:15:22 +00:00
|
|
|
defaultValue: '900000',
|
2020-07-08 09:50:52 +00:00
|
|
|
},
|
|
|
|
instantUpdates: {
|
|
|
|
envVarName: 'SUPERVISOR_INSTANT_UPDATE_TRIGGER',
|
|
|
|
varType: 'bool',
|
|
|
|
defaultValue: 'true',
|
|
|
|
},
|
|
|
|
localMode: {
|
|
|
|
envVarName: 'SUPERVISOR_LOCAL_MODE',
|
|
|
|
varType: 'bool',
|
|
|
|
defaultValue: 'false',
|
|
|
|
},
|
|
|
|
connectivityCheckEnabled: {
|
|
|
|
envVarName: 'SUPERVISOR_CONNECTIVITY_CHECK',
|
|
|
|
varType: 'bool',
|
|
|
|
defaultValue: 'true',
|
|
|
|
},
|
|
|
|
loggingEnabled: {
|
|
|
|
envVarName: 'SUPERVISOR_LOG_CONTROL',
|
|
|
|
varType: 'bool',
|
|
|
|
defaultValue: 'true',
|
|
|
|
},
|
|
|
|
delta: {
|
|
|
|
envVarName: 'SUPERVISOR_DELTA',
|
|
|
|
varType: 'bool',
|
|
|
|
defaultValue: 'false',
|
|
|
|
},
|
|
|
|
deltaRequestTimeout: {
|
|
|
|
envVarName: 'SUPERVISOR_DELTA_REQUEST_TIMEOUT',
|
|
|
|
varType: 'int',
|
2022-01-18 09:33:38 +00:00
|
|
|
defaultValue: '59000',
|
2020-07-08 09:50:52 +00:00
|
|
|
},
|
|
|
|
deltaApplyTimeout: {
|
|
|
|
envVarName: 'SUPERVISOR_DELTA_APPLY_TIMEOUT',
|
|
|
|
varType: 'int',
|
|
|
|
defaultValue: '0',
|
|
|
|
},
|
|
|
|
deltaRetryCount: {
|
|
|
|
envVarName: 'SUPERVISOR_DELTA_RETRY_COUNT',
|
|
|
|
varType: 'int',
|
|
|
|
defaultValue: '30',
|
|
|
|
},
|
|
|
|
deltaRetryInterval: {
|
|
|
|
envVarName: 'SUPERVISOR_DELTA_RETRY_INTERVAL',
|
|
|
|
varType: 'int',
|
|
|
|
defaultValue: '10000',
|
|
|
|
},
|
|
|
|
deltaVersion: {
|
|
|
|
envVarName: 'SUPERVISOR_DELTA_VERSION',
|
|
|
|
varType: 'int',
|
|
|
|
defaultValue: '2',
|
|
|
|
},
|
|
|
|
lockOverride: {
|
|
|
|
envVarName: 'SUPERVISOR_OVERRIDE_LOCK',
|
|
|
|
varType: 'bool',
|
|
|
|
defaultValue: 'false',
|
|
|
|
},
|
|
|
|
persistentLogging: {
|
|
|
|
envVarName: 'SUPERVISOR_PERSISTENT_LOGGING',
|
|
|
|
varType: 'bool',
|
|
|
|
defaultValue: 'false',
|
|
|
|
rebootRequired: true,
|
|
|
|
},
|
|
|
|
firewallMode: {
|
|
|
|
envVarName: 'HOST_FIREWALL_MODE',
|
|
|
|
varType: 'string',
|
|
|
|
defaultValue: 'off',
|
|
|
|
},
|
|
|
|
hostDiscoverability: {
|
|
|
|
envVarName: 'HOST_DISCOVERABILITY',
|
|
|
|
varType: 'bool',
|
|
|
|
defaultValue: 'true',
|
|
|
|
},
|
2021-05-05 14:16:58 +00:00
|
|
|
hardwareMetrics: {
|
|
|
|
envVarName: 'SUPERVISOR_HARDWARE_METRICS',
|
|
|
|
varType: 'bool',
|
|
|
|
defaultValue: 'true',
|
|
|
|
},
|
2020-07-08 09:50:52 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
export const validKeys = [
|
|
|
|
'SUPERVISOR_VPN_CONTROL',
|
|
|
|
'OVERRIDE_LOCK',
|
|
|
|
..._.map(configKeys, 'envVarName'),
|
|
|
|
];
|
|
|
|
|
|
|
|
const rateLimits: Dictionary<{
|
|
|
|
duration: number;
|
|
|
|
lastAttempt: number | null;
|
|
|
|
}> = {
|
|
|
|
setVPNEnabled: {
|
|
|
|
// Only try to switch the VPN once an hour
|
|
|
|
duration: 60 * 60 * 1000,
|
|
|
|
lastAttempt: null,
|
|
|
|
},
|
|
|
|
};
|
|
|
|
|
2020-08-07 23:21:46 +00:00
|
|
|
async function getConfigBackends(): Promise<ConfigBackend[]> {
|
|
|
|
// Exit early if we already have a list
|
|
|
|
if (configBackends.length > 0) {
|
|
|
|
return configBackends;
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
2020-08-07 23:21:46 +00:00
|
|
|
// Get all the configurable backends this device supports
|
|
|
|
const backends = await configUtils.getSupportedBackends();
|
|
|
|
// Initialize each backend
|
|
|
|
for (const backend of backends) {
|
|
|
|
await backend.initialise();
|
|
|
|
}
|
|
|
|
// Return list of initialized ConfigBackends
|
|
|
|
return backends;
|
2020-07-08 09:50:52 +00:00
|
|
|
}
|
2019-02-04 10:58:39 +00:00
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
export async function setTarget(
|
|
|
|
target: Dictionary<string>,
|
|
|
|
trx?: db.Transaction,
|
|
|
|
): Promise<void> {
|
|
|
|
const $db = trx ?? db.models.bind(db);
|
2019-02-04 10:58:39 +00:00
|
|
|
|
2020-08-18 18:11:36 +00:00
|
|
|
const formatted = formatConfigKeys(target);
|
2020-07-08 09:50:52 +00:00
|
|
|
// check for legacy keys
|
|
|
|
if (formatted['OVERRIDE_LOCK'] != null) {
|
|
|
|
formatted['SUPERVISOR_OVERRIDE_LOCK'] = formatted['OVERRIDE_LOCK'];
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
const confToUpdate = {
|
|
|
|
targetValues: JSON.stringify(formatted),
|
|
|
|
};
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
await $db('deviceConfig').update(confToUpdate);
|
|
|
|
}
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
export async function getTarget({
|
|
|
|
initial = false,
|
|
|
|
}: { initial?: boolean } = {}) {
|
|
|
|
const [unmanaged, [devConfig]] = await Promise.all([
|
|
|
|
config.get('unmanaged'),
|
|
|
|
db.models('deviceConfig').select('targetValues'),
|
|
|
|
]);
|
|
|
|
|
|
|
|
let conf: Dictionary<string>;
|
|
|
|
try {
|
|
|
|
conf = JSON.parse(devConfig.targetValues);
|
2022-09-19 15:08:16 +00:00
|
|
|
} catch (e: any) {
|
2020-07-08 09:50:52 +00:00
|
|
|
throw new Error(`Corrupted supervisor database! Error: ${e.message}`);
|
|
|
|
}
|
|
|
|
if (initial || conf.SUPERVISOR_VPN_CONTROL == null) {
|
|
|
|
conf.SUPERVISOR_VPN_CONTROL = 'true';
|
|
|
|
}
|
|
|
|
if (unmanaged && conf.SUPERVISOR_LOCAL_MODE == null) {
|
|
|
|
conf.SUPERVISOR_LOCAL_MODE = 'true';
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
_.defaults(
|
|
|
|
conf,
|
|
|
|
_(configKeys).mapKeys('envVarName').mapValues('defaultValue').value(),
|
|
|
|
);
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
return conf;
|
|
|
|
}
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2020-08-07 23:21:46 +00:00
|
|
|
export async function getCurrent(): Promise<Dictionary<string>> {
|
|
|
|
// Build a Dictionary of currently set config values
|
|
|
|
const currentConf: Dictionary<string> = {};
|
|
|
|
// Get environment variables
|
2020-07-08 09:50:52 +00:00
|
|
|
const conf = await config.getMany(
|
|
|
|
['deviceType'].concat(_.keys(configKeys)) as SchemaTypeKey[],
|
|
|
|
);
|
2020-08-07 23:21:46 +00:00
|
|
|
// Add each value
|
2020-07-08 09:50:52 +00:00
|
|
|
for (const key of _.keys(configKeys)) {
|
|
|
|
const { envVarName } = configKeys[key];
|
|
|
|
const confValue = conf[key as SchemaTypeKey];
|
|
|
|
currentConf[envVarName] = confValue != null ? confValue.toString() : '';
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
2020-08-07 23:21:46 +00:00
|
|
|
// Add VPN information
|
|
|
|
currentConf['SUPERVISOR_VPN_CONTROL'] = (await isVPNEnabled())
|
|
|
|
? 'true'
|
|
|
|
: 'false';
|
|
|
|
// Get list of configurable backends
|
|
|
|
const backends = await getConfigBackends();
|
|
|
|
// Add each backends configurable values
|
|
|
|
for (const backend of backends) {
|
|
|
|
_.assign(currentConf, await getBootConfig(backend));
|
|
|
|
}
|
|
|
|
// Return compiled configuration
|
|
|
|
return currentConf;
|
2020-07-08 09:50:52 +00:00
|
|
|
}
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2020-08-18 18:11:36 +00:00
|
|
|
export function formatConfigKeys(conf: {
|
|
|
|
[key: string]: any;
|
|
|
|
}): Dictionary<any> {
|
|
|
|
const namespaceRegex = /^BALENA_(.*)/;
|
|
|
|
const legacyNamespaceRegex = /^RESIN_(.*)/;
|
|
|
|
const confFromNamespace = configUtils.filterNamespaceFromConfig(
|
|
|
|
namespaceRegex,
|
|
|
|
conf,
|
|
|
|
);
|
|
|
|
const confFromLegacyNamespace = configUtils.filterNamespaceFromConfig(
|
|
|
|
legacyNamespaceRegex,
|
|
|
|
conf,
|
|
|
|
);
|
|
|
|
const noNamespaceConf = _.pickBy(conf, (_v, k) => {
|
|
|
|
return !_.startsWith(k, 'RESIN_') && !_.startsWith(k, 'BALENA_');
|
|
|
|
});
|
|
|
|
const confWithoutNamespace = _.defaults(
|
|
|
|
confFromNamespace,
|
|
|
|
confFromLegacyNamespace,
|
|
|
|
noNamespaceConf,
|
|
|
|
);
|
2021-01-05 21:37:53 +00:00
|
|
|
|
|
|
|
return _.pickBy(
|
|
|
|
confWithoutNamespace,
|
|
|
|
(_v, k) => _.includes(validKeys, k) || matchesAnyBootConfig(k),
|
|
|
|
);
|
2020-07-08 09:50:52 +00:00
|
|
|
}
|
2019-10-28 11:54:11 +00:00
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
export function getDefaults() {
|
|
|
|
return _.extend(
|
|
|
|
{
|
|
|
|
SUPERVISOR_VPN_CONTROL: 'true',
|
|
|
|
},
|
|
|
|
_.mapValues(_.mapKeys(configKeys, 'envVarName'), 'defaultValue'),
|
|
|
|
);
|
|
|
|
}
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
export function resetRateLimits() {
|
|
|
|
_.each(rateLimits, (action) => {
|
|
|
|
action.lastAttempt = null;
|
|
|
|
});
|
|
|
|
}
|
2019-02-05 15:40:29 +00:00
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
export function bootConfigChangeRequired(
|
2020-08-18 00:05:31 +00:00
|
|
|
configBackend: ConfigBackend,
|
2020-07-08 09:50:52 +00:00
|
|
|
current: Dictionary<string>,
|
|
|
|
target: Dictionary<string>,
|
|
|
|
deviceType: string,
|
|
|
|
): boolean {
|
2020-08-07 23:21:46 +00:00
|
|
|
const targetBootConfig = configUtils.envToBootConfig(configBackend, target);
|
|
|
|
const currentBootConfig = configUtils.envToBootConfig(configBackend, current);
|
2020-07-08 09:50:52 +00:00
|
|
|
|
|
|
|
// Some devices require specific overlays, here we apply them
|
2021-01-05 21:30:07 +00:00
|
|
|
configBackend.ensureRequiredConfig(deviceType, targetBootConfig);
|
2020-07-08 09:50:52 +00:00
|
|
|
|
2020-08-18 00:05:31 +00:00
|
|
|
// Search for any unsupported values
|
|
|
|
_.each(targetBootConfig, (value, key) => {
|
|
|
|
if (
|
|
|
|
!configBackend.isSupportedConfig(key) &&
|
|
|
|
currentBootConfig[key] !== value
|
|
|
|
) {
|
|
|
|
const err = `Attempt to change blacklisted config value ${key}`;
|
|
|
|
logger.logSystemMessage(err, { error: err }, 'Apply boot config error');
|
|
|
|
throw new Error(err);
|
|
|
|
}
|
|
|
|
});
|
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
if (!_.isEqual(currentBootConfig, targetBootConfig)) {
|
2020-08-18 00:05:31 +00:00
|
|
|
// Check if the only difference is the targetBootConfig not containing a special case
|
|
|
|
const SPECIAL_CASE = 'configuration'; // ODMDATA Mode for TX2 devices
|
|
|
|
if (!(SPECIAL_CASE in targetBootConfig)) {
|
|
|
|
// Create a copy to modify
|
|
|
|
const targetCopy = _.cloneDeep(targetBootConfig);
|
|
|
|
// Add current value to simulate if the value was set in the cloud on provision
|
|
|
|
targetCopy[SPECIAL_CASE] = currentBootConfig[SPECIAL_CASE];
|
|
|
|
if (_.isEqual(targetCopy, currentBootConfig)) {
|
|
|
|
// This proves the only difference is ODMDATA configuration is not set in target config.
|
|
|
|
// This special case is to allow devices that upgrade to SV with ODMDATA support
|
|
|
|
// and have no set a ODMDATA configuration in the cloud yet.
|
|
|
|
// Normally on provision this value would have been sent to the cloud.
|
|
|
|
return false; // (no change is required)
|
2020-07-08 09:50:52 +00:00
|
|
|
}
|
2020-08-18 00:05:31 +00:00
|
|
|
}
|
|
|
|
// Change is required because configs do not match
|
2020-07-08 09:50:52 +00:00
|
|
|
return true;
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
2020-08-18 00:05:31 +00:00
|
|
|
|
|
|
|
// Return false (no change is required)
|
2020-07-08 09:50:52 +00:00
|
|
|
return false;
|
|
|
|
}
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2022-02-09 20:47:41 +00:00
|
|
|
function getConfigSteps(
|
|
|
|
current: Dictionary<string>,
|
|
|
|
target: Dictionary<string>,
|
|
|
|
) {
|
2020-07-08 09:50:52 +00:00
|
|
|
const configChanges: Dictionary<string> = {};
|
|
|
|
const humanReadableConfigChanges: Dictionary<string> = {};
|
|
|
|
let reboot = false;
|
2022-02-09 20:47:41 +00:00
|
|
|
const steps: ConfigStep[] = [];
|
2020-07-08 09:50:52 +00:00
|
|
|
|
|
|
|
_.each(
|
|
|
|
configKeys,
|
|
|
|
(
|
|
|
|
{ envVarName, varType, rebootRequired: $rebootRequired, defaultValue },
|
|
|
|
key,
|
|
|
|
) => {
|
|
|
|
let changingValue: null | string = null;
|
|
|
|
// Test if the key is different
|
|
|
|
if (!configTest(varType, current[envVarName], target[envVarName])) {
|
|
|
|
// Check that the difference is not due to the variable having an invalid
|
|
|
|
// value set from the cloud
|
|
|
|
if (config.valueIsValid(key as SchemaTypeKey, target[envVarName])) {
|
|
|
|
// Save the change if it is both valid and different
|
|
|
|
changingValue = target[envVarName];
|
|
|
|
} else {
|
|
|
|
if (!configTest(varType, current[envVarName], defaultValue)) {
|
|
|
|
const message = `Warning: Ignoring invalid device configuration value for ${key}, value: ${inspect(
|
|
|
|
target[envVarName],
|
|
|
|
)}. Falling back to default (${defaultValue})`;
|
|
|
|
logger.logSystemMessage(
|
|
|
|
message,
|
|
|
|
{ key: envVarName, value: target[envVarName] },
|
|
|
|
'invalidDeviceConfig',
|
|
|
|
false,
|
|
|
|
);
|
|
|
|
// Set it to the default value if it is different to the current
|
|
|
|
changingValue = defaultValue;
|
2019-03-27 13:08:04 +00:00
|
|
|
}
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
2020-07-08 09:50:52 +00:00
|
|
|
if (changingValue != null) {
|
|
|
|
configChanges[key] = changingValue;
|
|
|
|
humanReadableConfigChanges[envVarName] = changingValue;
|
|
|
|
reboot = $rebootRequired || reboot;
|
2019-03-07 17:48:49 +00:00
|
|
|
}
|
|
|
|
}
|
2020-07-08 09:50:52 +00:00
|
|
|
},
|
|
|
|
);
|
|
|
|
|
|
|
|
if (!_.isEmpty(configChanges)) {
|
2022-02-10 19:26:22 +00:00
|
|
|
if (reboot) {
|
|
|
|
steps.push({ action: 'setRebootBreadcrumb' });
|
|
|
|
}
|
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
steps.push({
|
|
|
|
action: 'changeConfig',
|
|
|
|
target: configChanges,
|
|
|
|
humanReadableTarget: humanReadableConfigChanges,
|
2019-03-07 17:48:49 +00:00
|
|
|
});
|
2020-07-08 09:50:52 +00:00
|
|
|
}
|
2019-03-07 17:48:49 +00:00
|
|
|
|
2022-02-09 20:47:41 +00:00
|
|
|
return steps;
|
|
|
|
}
|
|
|
|
|
|
|
|
async function getVPNSteps(
|
|
|
|
current: Dictionary<string>,
|
|
|
|
target: Dictionary<string>,
|
|
|
|
) {
|
|
|
|
const { unmanaged } = await config.getMany(['unmanaged']);
|
|
|
|
|
|
|
|
let steps: ConfigStep[] = [];
|
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
// Check for special case actions for the VPN
|
|
|
|
if (
|
|
|
|
!unmanaged &&
|
|
|
|
!_.isEmpty(target['SUPERVISOR_VPN_CONTROL']) &&
|
|
|
|
checkBoolChanged(current, target, 'SUPERVISOR_VPN_CONTROL')
|
|
|
|
) {
|
|
|
|
steps.push({
|
|
|
|
action: 'setVPNEnabled',
|
|
|
|
target: target['SUPERVISOR_VPN_CONTROL'],
|
|
|
|
});
|
|
|
|
}
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2022-02-09 20:47:41 +00:00
|
|
|
// TODO: the only step that requires rate limiting is setVPNEnabled
|
|
|
|
// do not use rate limiting in the future as it probably will change.
|
|
|
|
// The reason rate limiting is needed for this step is because the dbus
|
|
|
|
// API does not wait for the service response when a unit is started/stopped.
|
|
|
|
// This would cause too many requests on systemd and a possible error.
|
|
|
|
// Promisifying the dbus api to wait for the response would be the right solution
|
2020-07-08 09:50:52 +00:00
|
|
|
const now = Date.now();
|
|
|
|
steps = _.map(steps, (step) => {
|
|
|
|
const action = step.action;
|
|
|
|
if (action in rateLimits) {
|
|
|
|
const lastAttempt = rateLimits[action].lastAttempt;
|
|
|
|
rateLimits[action].lastAttempt = now;
|
|
|
|
|
|
|
|
// If this step should be rate limited, we replace it with a noop.
|
|
|
|
// We do this instead of removing it, as we don't actually want the
|
|
|
|
// state engine to think that it's successfully applied the target state,
|
|
|
|
// as it won't reattempt the change until the target state changes
|
|
|
|
if (
|
|
|
|
lastAttempt != null &&
|
|
|
|
Date.now() - lastAttempt < rateLimits[action].duration
|
|
|
|
) {
|
|
|
|
return { action: 'noop' } as ConfigStep;
|
|
|
|
}
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
2020-07-08 09:50:52 +00:00
|
|
|
return step;
|
|
|
|
});
|
|
|
|
|
2022-02-09 20:47:41 +00:00
|
|
|
return steps;
|
|
|
|
}
|
|
|
|
|
|
|
|
async function getBackendSteps(
|
|
|
|
current: Dictionary<string>,
|
|
|
|
target: Dictionary<string>,
|
|
|
|
) {
|
|
|
|
const steps: ConfigStep[] = [];
|
2020-08-07 23:21:46 +00:00
|
|
|
const backends = await getConfigBackends();
|
2022-02-09 20:47:41 +00:00
|
|
|
const { deviceType } = await config.getMany(['deviceType']);
|
|
|
|
|
2020-08-07 23:21:46 +00:00
|
|
|
// Check for required bootConfig changes
|
2020-08-18 00:05:31 +00:00
|
|
|
for (const backend of backends) {
|
|
|
|
if (changeRequired(backend, current, target, deviceType)) {
|
2020-08-07 23:21:46 +00:00
|
|
|
steps.push({
|
|
|
|
action: 'setBootConfig',
|
|
|
|
target,
|
|
|
|
});
|
|
|
|
}
|
2020-08-18 00:05:31 +00:00
|
|
|
}
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2022-02-10 19:26:22 +00:00
|
|
|
return [
|
|
|
|
// All backend steps require a reboot
|
|
|
|
...(steps.length > 0
|
|
|
|
? [{ action: 'setRebootBreadcrumb' } as ConfigStep]
|
|
|
|
: []),
|
|
|
|
...steps,
|
|
|
|
];
|
|
|
|
}
|
|
|
|
|
|
|
|
async function isRebootRequired() {
|
|
|
|
const hasBreadcrumb = await fsUtils.exists(REBOOT_BREADCRUMB);
|
|
|
|
if (hasBreadcrumb) {
|
|
|
|
const stats = await fs.stat(REBOOT_BREADCRUMB);
|
|
|
|
|
|
|
|
// If the breadcrumb exists and the last modified time is greater than the
|
|
|
|
// boot time, that means we need to reboot
|
|
|
|
return stats.mtime.getTime() > fsUtils.getBootTime().getTime();
|
|
|
|
}
|
|
|
|
return false;
|
2022-02-09 20:47:41 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
export async function getRequiredSteps(
|
2021-08-25 15:31:54 +00:00
|
|
|
currentState: { local?: { config?: EnvVarObject } },
|
|
|
|
targetState: { local?: { config: EnvVarObject } },
|
2022-02-09 20:47:41 +00:00
|
|
|
): Promise<ConfigStep[]> {
|
2021-08-25 15:31:54 +00:00
|
|
|
const current = currentState?.local?.config ?? {};
|
|
|
|
const target = targetState?.local?.config ?? {};
|
2022-02-09 20:47:41 +00:00
|
|
|
|
2022-02-09 21:47:19 +00:00
|
|
|
const configSteps = getConfigSteps(current, target);
|
2022-02-10 19:26:22 +00:00
|
|
|
const steps = [
|
|
|
|
...configSteps,
|
|
|
|
...(await getVPNSteps(current, target)),
|
2022-02-09 21:47:19 +00:00
|
|
|
|
|
|
|
// Only apply backend steps if no more config changes are left since
|
|
|
|
// changing config.json may restart the supervisor
|
2022-02-10 19:26:22 +00:00
|
|
|
...(configSteps.length > 0 &&
|
|
|
|
// if any config step is a not 'noop' step, skip the backend steps
|
|
|
|
configSteps.filter((s) => s.action !== 'noop').length > 0
|
2022-02-09 21:47:19 +00:00
|
|
|
? // Set a 'noop' action so the apply function knows to retry
|
2022-02-10 19:26:22 +00:00
|
|
|
[{ action: 'noop' } as ConfigStep]
|
|
|
|
: await getBackendSteps(current, target)),
|
|
|
|
];
|
2022-02-09 20:47:41 +00:00
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
// Check if there is either no steps, or they are all
|
|
|
|
// noops, and we need to reboot. We want to do this
|
|
|
|
// because in a preloaded setting with no internet
|
|
|
|
// connection, the device will try to start containers
|
|
|
|
// before any boot config has been applied, which can
|
|
|
|
// cause problems
|
2022-02-10 19:26:22 +00:00
|
|
|
const rebootRequired = await isRebootRequired();
|
2020-07-08 09:50:52 +00:00
|
|
|
if (_.every(steps, { action: 'noop' }) && rebootRequired) {
|
|
|
|
steps.push({
|
|
|
|
action: 'reboot',
|
|
|
|
});
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
return steps;
|
|
|
|
}
|
|
|
|
|
2020-08-18 00:05:31 +00:00
|
|
|
function changeRequired(
|
|
|
|
configBackend: ConfigBackend,
|
|
|
|
currentConfig: Dictionary<string>,
|
|
|
|
targetConfig: Dictionary<string>,
|
|
|
|
deviceType: string,
|
|
|
|
): boolean {
|
|
|
|
let aChangeIsRequired = false;
|
|
|
|
try {
|
|
|
|
aChangeIsRequired = bootConfigChangeRequired(
|
|
|
|
configBackend,
|
|
|
|
currentConfig,
|
|
|
|
targetConfig,
|
|
|
|
deviceType,
|
|
|
|
);
|
|
|
|
} catch (e) {
|
|
|
|
switch (e) {
|
|
|
|
case 'Value missing from target configuration.':
|
|
|
|
if (configBackend instanceof Odmdata) {
|
|
|
|
// In this special case, devices with ODMDATA support may have
|
|
|
|
// empty configuration options in the target if they upgraded to a SV
|
|
|
|
// version with ODMDATA support and didn't set a value in the cloud.
|
|
|
|
// If this is the case then we will update the cloud with the device's
|
|
|
|
// current config and then continue without an error
|
|
|
|
aChangeIsRequired = false;
|
|
|
|
} else {
|
|
|
|
log.debug(`
|
|
|
|
The device has a configuration setting that the cloud does not have set.\nNo configurations for this backend will be set.`);
|
|
|
|
// Set changeRequired to false so we do not get stuck in a loop trying to fix this mismatch
|
|
|
|
aChangeIsRequired = false;
|
|
|
|
}
|
|
|
|
default:
|
|
|
|
throw e;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return aChangeIsRequired;
|
|
|
|
}
|
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
export function executeStepAction(
|
|
|
|
step: ConfigStep,
|
|
|
|
opts: DeviceActionExecutorOpts,
|
|
|
|
) {
|
|
|
|
if (step.action !== 'reboot' && step.action !== 'noop') {
|
|
|
|
return actionExecutors[step.action](step, opts);
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
2020-07-08 09:50:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
export function isValidAction(action: string): boolean {
|
|
|
|
return _.includes(_.keys(actionExecutors), action);
|
|
|
|
}
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
export async function getBootConfig(
|
2020-08-07 17:34:32 +00:00
|
|
|
backend: ConfigBackend | null,
|
2020-07-08 09:50:52 +00:00
|
|
|
): Promise<EnvVarObject> {
|
|
|
|
if (backend == null) {
|
|
|
|
return {};
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
2020-07-08 09:50:52 +00:00
|
|
|
const conf = await backend.getBootConfig();
|
|
|
|
return configUtils.bootConfigToEnv(backend, conf);
|
|
|
|
}
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
// Exported for tests
|
|
|
|
export async function setBootConfig(
|
2020-08-07 17:34:32 +00:00
|
|
|
backend: ConfigBackend | null,
|
2020-07-08 09:50:52 +00:00
|
|
|
target: Dictionary<string>,
|
|
|
|
) {
|
|
|
|
if (backend == null) {
|
|
|
|
return false;
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
const conf = configUtils.envToBootConfig(backend, target);
|
|
|
|
logger.logSystemMessage(
|
|
|
|
`Applying boot config: ${JSON.stringify(conf)}`,
|
|
|
|
{},
|
|
|
|
'Apply boot config in progress',
|
|
|
|
);
|
|
|
|
|
2021-01-05 21:30:07 +00:00
|
|
|
// Ensure the required target config is available
|
|
|
|
backend.ensureRequiredConfig(await config.get('deviceType'), conf);
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
try {
|
|
|
|
await backend.setBootConfig(conf);
|
2020-06-08 12:57:31 +00:00
|
|
|
logger.logSystemMessage(
|
2020-07-08 09:50:52 +00:00
|
|
|
`Applied boot config: ${JSON.stringify(conf)}`,
|
2018-12-20 17:12:04 +00:00
|
|
|
{},
|
2020-07-08 09:50:52 +00:00
|
|
|
'Apply boot config success',
|
2018-12-20 17:12:04 +00:00
|
|
|
);
|
2020-07-08 09:50:52 +00:00
|
|
|
return true;
|
|
|
|
} catch (err) {
|
|
|
|
logger.logSystemMessage(
|
|
|
|
`Error setting boot config: ${err}`,
|
|
|
|
{ error: err },
|
|
|
|
'Apply boot config error',
|
|
|
|
);
|
|
|
|
throw err;
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
2020-07-08 09:50:52 +00:00
|
|
|
}
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2020-08-07 23:21:46 +00:00
|
|
|
async function isVPNEnabled(): Promise<boolean> {
|
2020-07-08 09:50:52 +00:00
|
|
|
try {
|
|
|
|
const activeState = await dbus.serviceActiveState(vpnServiceName);
|
|
|
|
return !_.includes(['inactive', 'deactivating'], activeState);
|
2022-09-19 15:08:16 +00:00
|
|
|
} catch (e: any) {
|
2020-07-08 09:50:52 +00:00
|
|
|
if (UnitNotLoadedError(e)) {
|
|
|
|
return false;
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
2020-07-08 09:50:52 +00:00
|
|
|
throw e;
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
2020-07-08 09:50:52 +00:00
|
|
|
}
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2021-02-15 23:35:57 +00:00
|
|
|
async function setVPNEnabled(value: string | boolean = true) {
|
|
|
|
const enable = checkTruthy(value);
|
2020-07-08 09:50:52 +00:00
|
|
|
if (enable) {
|
|
|
|
await dbus.startService(vpnServiceName);
|
|
|
|
} else {
|
|
|
|
await dbus.stopService(vpnServiceName);
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
2020-07-08 09:50:52 +00:00
|
|
|
}
|
2018-12-20 17:12:04 +00:00
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
function configTest(method: string, a: string, b: string): boolean {
|
|
|
|
switch (method) {
|
|
|
|
case 'bool':
|
|
|
|
return checkTruthy(a) === checkTruthy(b);
|
|
|
|
case 'int':
|
|
|
|
return checkInt(a) === checkInt(b);
|
|
|
|
case 'string':
|
|
|
|
return a === b;
|
|
|
|
default:
|
|
|
|
throw new Error('Incorrect datatype passed to DeviceConfig.configTest');
|
2018-12-20 17:12:04 +00:00
|
|
|
}
|
2020-07-08 09:50:52 +00:00
|
|
|
}
|
2019-02-05 15:40:29 +00:00
|
|
|
|
2020-07-08 09:50:52 +00:00
|
|
|
function checkBoolChanged(
|
|
|
|
current: Dictionary<string>,
|
|
|
|
target: Dictionary<string>,
|
|
|
|
key: string,
|
|
|
|
): boolean {
|
|
|
|
return checkTruthy(current[key]) !== checkTruthy(target[key]);
|
|
|
|
}
|