provisioning/sysext: Use systemd-sysupdate components

The controlling of the version with systemd-sysupdate only works when using separate components. Define the update config as component and add a timer unit for auto updates.
flatcar-archive · Aug 29, 2023 · 61bf7d5 · 61bf7d5
1 parent 54c71fb
commit 61bf7d5
Showing 1 changed file with 31 additions and 10 deletions.
diff --git a/docs/provisioning/sysext/_index.md b/docs/provisioning/sysext/_index.md
@@ -123,14 +123,10 @@ Here is an example using Butane:
 # ./flatcar_production_qemu.sh -i ./config.json
 variant: flatcar
 version: 1.0.0
-systemd:
-  units:
-    - name: systemd-sysupdate.timer
-      enabled: true
 storage:
   links:
-    - target: /opt/extensions/docker/docker-24.0.5.raw
-      path: /etc/extensions/docker.raw
+    - path: /etc/extensions/docker.raw
+      target: /opt/extensions/docker/docker-24.0.5.raw
       hard: false
     - path: /etc/extensions/docker-flatcar.raw
       target: /dev/null
@@ -143,7 +139,7 @@ storage:
       contents:
         source: https://github.com/flatcar/sysext-bakery/releases/download/20230803/docker-24.0.5.raw
     - path: /etc/systemd/system-generators/torcx-generator
-    - path: /etc/sysupdate.d/docker.conf
+    - path: /etc/sysupdate.docker.d/docker.conf
       contents:
         inline: |
           [Transfer]
@@ -159,10 +155,35 @@ storage:
           Type=regular-file
           Path=/opt/extensions/docker
           CurrentSymlink=/etc/extensions/docker.raw
+systemd:
+  units:
+    - name: update-sysext.service
+      enabled: false
+      contents: |
+        [Unit]
+        Wants=network-online.target
+        After=network-online.target
+        [Service]
+        Type=oneshot
+        ExecStart=/usr/lib/systemd/systemd-sysupdate -C docker update
+        # Add more components to update here:
+        # ExecStart=/usr/lib/systemd/systemd-sysupdate -C MORECOMPONENTS update
+        ExecStart=systemctl restart systemd-sysext
+        [Install]
+        Also=update-sysext.timer
+    - name: update-sysext.timer
+      enabled: true
+      contents: |
+        [Timer]
+        OnBootSec=15min
+        OnUnitActiveSec=2h
+        OnCalendar=Sat
+        RandomizedDelaySec=4h
+        Persistent=yes
+        [Install]
+        WantedBy=timers.target
 ```
 
-This configuration will enable the `systemd-sysupdate.timer` that will weekly check for a new Docker sysext image available from the latest release of [`sysext-bakery`][sysext-bakery].
-
-Once the image downloaded and depending on the feature shipped by the extension it might be required to run `systemd-sysext refresh` or reboot to load the new image.
+This configuration will set up an `update-sysext.timer` unit that will check every 2-6 hours for a new Docker sysext image available from the latest release of [`sysext-bakery`][sysext-bakery].
 
 [sysext-bakery]: https://github.com/flatcar/sysext-bakery