[code] restart service via pdsm #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: '"35 min" LARGE on latest RPiOS Lite' | |
| on: | |
| push: | |
| paths-ignore: | |
| - '**/*.md' | |
| - '**/*.rst' | |
| - '**/*.html' | |
| - '**/*.css' | |
| - '**/*.svg' | |
| - '**/*.jpg' | |
| - '**/*.png' | |
| - '**/*.php' | |
| - '**/*.js' | |
| pull_request: # needed to show up in Pull Request UI | |
| paths-ignore: | |
| - '**/*.md' | |
| - '**/*.rst' | |
| - '**/*.html' | |
| - '**/*.css' | |
| - '**/*.svg' | |
| - '**/*.jpg' | |
| - '**/*.png' | |
| - '**/*.php' | |
| - '**/*.js' | |
| workflow_dispatch: | |
| jobs: | |
| test-install: | |
| runs-on: ubuntu-24.04-arm | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| path: iiab | |
| fetch-depth: 0 # should be a full copy for updating later via git pull | |
| - uses: actions/checkout@v6 | |
| with: | |
| repository: chapmanjacobd/nspawn-loop | |
| path: nspawn-loop | |
| - name: Download RaspberryPi OS | |
| working-directory: nspawn-loop | |
| run: sudo ./mount.sh https://downloads.raspberrypi.org/raspios_lite_arm64_latest 20000 | |
| - name: Build image | |
| working-directory: nspawn-loop | |
| run: | | |
| sudo -E bash << 'EOF' | |
| set -euo pipefail | |
| STATE_FILE=$(find . -maxdepth 1 -name "*.state" | head -n 1) | |
| source "$STATE_FILE" | |
| VERSION=$(grep '^iiab_base_ver:' ../iiab/vars/default_vars.yml | awk '{print $2}') | |
| echo "IIAB_BASE_VERSION=$VERSION" >> $GITHUB_ENV | |
| OS="rpios" | |
| EDITION="large" | |
| HASH=$(git -C ../iiab rev-parse --short=7 HEAD) | |
| COMMIT_DATETIME_LOCAL=$(git -C ../iiab log -1 --format=%cd --date=iso-strict) | |
| # Convert the local time to UTC using the 'date' command | |
| COMMIT_DATETIME_UTC=$(date -d "$COMMIT_DATETIME_LOCAL" -u +"%Y-%m-%dT%H:%M:%SZ") | |
| # Extract date and time components from the UTC timestamp | |
| COMMIT_DATE=$(date -d "$COMMIT_DATETIME_UTC" +'%y%m%d') | |
| PR_NUM=$(git -C ../iiab log -1 --pretty=%B | grep -oP 'Merge pull request #\K[0-9]+' || echo "") | |
| PR_NUM="${PR_NUM%/*}" | |
| TAG_NAME="${{ github.ref_name }}" | |
| TAG_NAME="${TAG_NAME%/*}" | |
| if [[ "$TAG_NAME" =~ ^[0-9] ]]; then | |
| IMG_NAME="iiab-$VERSION-$OS-$EDITION-$TAG_NAME" | |
| elif [[ -n "$PR_NUM" ]]; then | |
| IMG_NAME="iiab-$VERSION-$OS-$EDITION-${COMMIT_DATE}-PR${PR_NUM}" | |
| else | |
| IMG_NAME="iiab-$VERSION-$OS-$EDITION-${COMMIT_DATE}-${HASH}" | |
| fi | |
| echo "IMG_NAME=$IMG_NAME" >> $GITHUB_ENV | |
| mkdir -p "$MOUNT_DIR/opt/iiab" | |
| cp -R --preserve=mode,timestamps,links ../iiab "$MOUNT_DIR/opt/iiab/" | |
| mkdir -p "$MOUNT_DIR/etc/iiab" | |
| cp --preserve=mode,timestamps ../iiab/vars/local_vars_large.yml "$MOUNT_DIR/etc/iiab/local_vars.yml" | |
| echo "rpi_image: True" >> "$MOUNT_DIR/etc/iiab/local_vars.yml" | |
| sed -i "s/^iiab_admin_user_install: True/iiab_admin_user_install: False/" "$MOUNT_DIR/etc/iiab/local_vars.yml" | |
| if ! command -v expect &>/dev/null; then | |
| apt-get update && apt-get install -y expect | |
| fi | |
| if ! command -v systemd-nspawn &> /dev/null; then | |
| apt-get update && apt-get install -y systemd-container | |
| fi | |
| systemctl is-active --quiet systemd-networkd || systemctl start systemd-networkd | |
| systemctl is-active --quiet systemd-resolved || systemctl start systemd-resolved | |
| # Explicitly allow forwarding for systemd-nspawn virtual interfaces | |
| sysctl -w net.ipv4.ip_forward=1 | |
| EXT_IF=$(ip route | grep default | awk '{print $5}' | head -n1) | |
| iptables -t nat -A POSTROUTING -o "$EXT_IF" -j MASQUERADE | |
| iptables -A FORWARD -i ve-+ -o "$EXT_IF" -j ACCEPT | |
| iptables -A FORWARD -i "$EXT_IF" -o ve-+ -m state --state RELATED,ESTABLISHED -j ACCEPT | |
| # Manually setting DNS can help avoid host loopback/127.0.0.53 issues | |
| # echo "nameserver 1.1.1.1" >> "$MOUNT_DIR/etc/resolv.conf" | |
| sed 's/^ //' << 'EOF_PRESET' > "$MOUNT_DIR/root/install_preset.sh" | |
| #!/bin/bash | |
| set -euo pipefail | |
| cd /opt/admin/cmdsrv | |
| scripts/get_kiwix_catalog | |
| scripts/get_oer2go_catalog | |
| if [[ -n $PRESET_ID ]]; then | |
| iiab-cmdsrv-ctl "INST-PRESETS {\"preset_id\":\"$PRESET_ID\"}" | |
| fi | |
| rm -f /root/install_preset.sh | |
| EOF_PRESET | |
| chmod +x "$MOUNT_DIR/root/install_preset.sh" | |
| systemd-firstboot --root="$MOUNT_DIR" --delete-root-password --force | |
| export MOUNT_DIR | |
| sed 's/^ //' << 'EXPECT_EOF' | expect | |
| set timeout 7200 | |
| spawn systemd-nspawn -q --network-veth --resolv-conf=off -D $env(MOUNT_DIR) -M box --boot | |
| expect "login: " { send "root\r" } | |
| expect -re {#\s?$} { send "apt update\r" } | |
| expect -re {#\s?$} { send "mkdir -p /etc/initramfs-tools/conf.d && echo 'MODULES=most' > /etc/initramfs-tools/conf.d/nspawn.conf\r" } | |
| expect -re {#\s?$} { send "DEBIAN_FRONTEND=noninteractive apt upgrade -y\r" } | |
| expect -re {#\s?$} { send "curl -fLo /usr/sbin/iiab https://raw.githubusercontent.com/iiab/iiab-factory/master/iiab\r" } | |
| expect -re {#\s?$} { send "chmod 0755 /usr/sbin/iiab\r" } | |
| expect -re {#\s?$} { send "/usr/sbin/iiab --risky\r" } | |
| expect { | |
| timeout { puts "\nTimed out waiting for final confirmation prompt"; exit 1 } | |
| "photographed" { send "\r" } | |
| "root@raspberrypi" { puts "\nAnsible quit before photograph. Exiting with failure."; exit 1 } | |
| } | |
| # forced reboot | |
| expect "login: " { send "root\r" } | |
| expect -re {#\s?$} { send "/root/install_preset.sh\r" } | |
| expect -re {#\s?$} { send "usermod --lock --expiredate=1 root\r" } | |
| # legacy whiptail TUI OOBE, replaced by cloud-init / rpi-imager | |
| # expect -re {#\s?$} { send "systemctl disable userconfig.service\r" } | |
| expect -re {#\s?$} { send "shutdown now\r" } | |
| expect eof | |
| EXPECT_EOF | |
| EOF | |
| - name: Validation | |
| working-directory: nspawn-loop | |
| run: | | |
| sudo -E bash << 'EOF' | |
| set -euo pipefail | |
| STATE_FILE=$(find . -maxdepth 1 -name "*.state" | head -n 1) | |
| source "$STATE_FILE" | |
| diff \ | |
| <(sort ../iiab/.github/workflows/tests/expected_state_large_image.yml) \ | |
| <(sort "$MOUNT_DIR/etc/iiab/iiab_state.yml") | |
| EOF |