confd: relocate auto-factory templates and prepare fail secure mode

The template and scripts for generating per-device factory-config have
been spread out across the repo.  This is an attempt to gather all the
pieces to a single location for better overview.

Parts of factory-config will be reused for the new fail secure mode, in
the file failure-config.  The beginnings of which are in this commit.

Other changes:
 - cfg-bootstrap and confd-bootstrap have been collapsed into one
 - let gen-hostname + gen-interfaces save to /cfg instead of /etc,
   we've moved the /etc directory to read-only storage in /usr/share
 - delay start of bootstrap and sysrepo-plugind after syslogd barrier
 - set 'norestart' when loading startup-confg and failure-config,
   no point in retrying if that fails, just go to error immediately

Signed-off-by: Joachim Wiberg <[email protected]>

Author: troglobit

board/netconf/rootfs/lib/infix/cfg-bootstrap

@@ -1,16 +1,21 @@
 #set DEBUG=1
 
-run name:bootstrap log:prio:user.notice \
-	[S] /lib/infix/cfg-bootstrap -- Bootstrapping YANG models
+run name:bootstrap log:prio:user.notice <pid/syslogd> \
+	[S] /usr/libexec/confd/bootstrap -- Bootstrapping YANG datastore
 
-service name:sysrepo log \
+service name:sysrepo log <pid/syslogd> \
 	[S12345789] sysrepo-plugind -f -p /run/sysrepo.pid -n -v3 -- Configuration daemon
 
 # Bootstrap system with startup-config
-run name:startup log:prio:user.notice \
-	[S] <pid/sysrepo> /usr/libexec/confd/confd-load.sh -b startup-config \
+run name:startup log:prio:user.notice norestart \
+	[S] <pid/sysrepo> /usr/libexec/confd/load -b startup-config \
 	-- Loading startup-config
 
+# Run if loading startup-config fails for some reason
+run name:failure log:prio:user.critical norestart if:<run/startup/failure> \
+	[S] <pid/sysrepo> /usr/libexec/confd/load failure-config \
+	-- Loading failure-config
+
 service name:netopeer log \
 	[12345789] <pid/sysrepo> netopeer2-server -F -t 60 \
 	-- NETCONF server

package/confd/sysrepo.conf

@@ -1,5 +1,5 @@
-SUBDIRS             = src yang
+SUBDIRS             = src yang share
 dist_doc_DATA       = README.md LICENSE
-pkglibexec_SCRIPTS  = confd-bootstrap.sh confd-load.sh
+pkglibexec_SCRIPTS  = $(wildcard bin/*)
 DISTCLEANFILES      = *~ *.d
 ACLOCAL_AMFLAGS     = -I m4

src/confd/Makefile.am

@@ -1,4 +1,6 @@
 #!/bin/sh
+# Bootstrap sysrepo db with all modules required by confd
+#
 # 1. Load all yang models with /cfg/factory-config
 # 2. [ if /cfg/startup-config is missing :: copy {factory} -> /cfg/startup-config ]
 # 3. Import /cfg/startup -> {startup} ]
@@ -9,14 +11,42 @@
 # It's all really simple ... this script takes care of 1-4
 #
 
-FACTORY=$1
-STARTUP=$2
+PATH=/usr/libexec/confd/:$PATH
 INIT_DATA=/etc/sysrepo/factory-default.json
 SEARCH=/usr/share/yang/modules/confd:/usr/share/yang/modules/libnetconf2:/usr/share/yang/modules/libyang:/usr/share/yang/modules/netopeer2:/usr/share/yang/modules/sysrepo
 
-if [ -z "$FACTORY" -o -z "$STARTUP" ]; then
-        echo "Missing argument to sysrepo-bootstrap.sh $FACTORY $STARTUP"
-        exit 1
+[ "$FACTORY_D" ] || FACTORY_D=/usr/share/confd/factory
+[ "$CFG_D" ]     || CFG_D=/cfg
+[ "$GENCFG_D" ]  || GENCFG_D=/cfg/factory.d
+
+FACTORY=$CFG_D/factory-config.cfg
+STARTUP=$CFG_D/startup-config.cfg
+
+# Generate device's factory-config at first boot
+if [ ! -d "$GENCFG_D" ]; then
+    mkdir -p $GENCFG_D
+
+    gen-hostname   >$GENCFG_D/20-auto-hostname.json
+    gen-interfaces >$GENCFG_D/20-auto-interfaces.json
+
+    [ -s $GENCFG_D/20-auto-hostkey.json ] || gen-hostkeys >$GENCFG_D/20-auto-hostkey.json
+
+    # Allow regenerating default factory-config, but keep it read-ony
+    # to prevent it from being overwritten by mistake by users.
+    rm -f $CFG_D/auto-factory-config.cfg
+    # shellcheck disable=SC2046
+    jq -s 'reduce .[] as $item ({}; . * $item)' \
+       $(find $FACTORY_D -name '*.json') \
+       $(find $GENCFG_D  -name '*.json') \
+       >$CFG_D/auto-factory-config.cfg
+    chmod 444 $CFG_D/auto-factory-config.cfg
+
+    # TODO: Look for statically defined factory-config, based on the
+    #       system's product ID, or just custom site-specific factory.
+
+    # If we haven't found a better one, settle for auto-factory-config as
+    # the system's factory-config.
+    [ -h $FACTORY ] || ln -sf auto-factory-config.cfg $FACTORY
 fi
 
 # Drop all pre-initialized data from netopeer2 install, then re-create

src/confd/confd-bootstrap.sh renamed to src/confd/bin/bootstrap

@@ -29,7 +29,6 @@ fi
 if ! sysrepocfg -v3 -I"$fn" -f json; then
     if eval $bootstrap; then
 	logger -sik -p user.error "Failed bootstrapping system, reverting to Fail Secure mode!"
-	initctl -nbq cond set fail-startup
 	initctl -nbq runlevel 9
     else
 	logger -sik -p user.error "Failed loading $fn, aborting!"

board/netconf/rootfs/lib/infix/factory/gen-hostkeys renamed to src/confd/bin/gen-hostkeys

@@ -5,6 +5,9 @@ AM_SILENT_RULES(yes)
 
 AC_CONFIG_FILES([
 	Makefile
+	share/Makefile
+	share/factory/Makefile
+	share/failure/Makefile
 	src/Makefile
 	yang/Makefile
 ])

board/netconf/rootfs/lib/infix/factory/gen-hostname renamed to src/confd/bin/gen-hostname

@@ -0,0 +1,2 @@
+SUBDIRS             = factory failure
+pkgdata_DATA        = $(wildcard share/*)