Also take validation functions into a module, and use that in all cases where
we need to check for an integer or string.
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
Current delta timeouts are too limiting, so we increase the request timeout to 30 minutes which is big enough that
the server will time out first and we can provide a nice message letting the user know we'll retry; and we increase
the total timeout to 24 hours to account for really big deltas over slower connections (the rsync calls will time out anyways
if something else goes wrong, as they have a 5 minute I/O timeout).
The timeouts are now configurable with the RESIN_SUPERVISOR_DELTA_REQUEST_TIMEOUT and RESIN_SUPERVISOR_DELTA_TOTAL_TIMEOUT
configuration variables.
Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
Also remove versionist.conf.js as it's no longer necessary (versionist now
defaults to its internal versionist.conf).
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
We add a 1s delay between requests to the API to apply state changes,
as this will throttle it to a point that it has a reasonable rate while
preventing too many unnecessary requests to the API.
Closes#375
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
Resin OS 2.X removes the use of compressed modules, which was the initial
motivation for us to bind mount kmod into user containers (as Debian distros
don't include support for compressed modules).
This is a breaking change, but we still keep bind mounting on devices that are
on 1.X to ensure we don't break apps currently relying on the feature.
Implementation note: some functions in device.coffee have been refactored to
extract (DRY) a memoization procedure for Promise-returning functions.
`device.getOSVersion()` now also memoizes its result.
Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
If there's no entries in deviceConfig table, always create one.
Avoids problems if the supervisor is stopped while running the db initialization
(deviceConfig gets created but not populated).
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
We've been using tar directly on the base image folder, and this makes
the file ordering unpredictable between filesystems, so we use find and
sort so that the files are always tarred in the same order, producing the same
hash in different filesystems.
We also now set the mtime to the specific Unix timestamp 0, to avoid differences
due to timezones.
Also remove the dest folder before calculating the hash.
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
I had forgotten to git add versionist.conf in #364 :S
This will be unnecessary if resin-io/versionist#58 is addressed, but
we want it in the meantime.
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
This commit changes the automation scripts so that the base image
is built together with the rest of the supervisor. We use a hash of
the contents of the base-image folder as tag for the base image so
that unnecessary rebuilds are avoided.
The build scripts are also modified to always clean up the resulting base image
and the image used to build it. We use docker pull and push to enable caching.
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
We use the default versionist configuration.
Changelog has been edited to match the versionist format as much as possible.
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
Using REJECT allows better feedback for legitimate users while providing the same level
of security than drop (see http://www.chiark.greenend.org.uk/~peterb/network/drop-vs-reject).
But some hosts don't have REJECT support in the kernel config, so in that case we fall back to DROP.
Because the i397 architecture has no support for the SSE instruction set
we must make sure we do not issue any of these instructions.
Signed-off-by: Theodor Gherzan <theodor@resin.io>
