From 773a0eb2d958d4addf84b87413ca5d15890fdf34 Mon Sep 17 00:00:00 2001
From: Kai Lueke <kailuke@microsoft.com>
Date: Tue, 29 Aug 2023 15:29:27 +0200
Subject: [PATCH] README: Add sysext update service to Ignition setup

The systemd-sysupdate components need to be updated either manually or
automatically.
Add a timer unit to do automatic updates. The unit is based on the
upstream systemd-sysupdate.timer.
---
 README.md | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/README.md b/README.md
index 508c6ed..b295b85 100644
--- a/README.md
+++ b/README.md
@@ -150,6 +150,34 @@ storage:
           Type=regular-file
           Path=/opt/extensions/docker
           CurrentSymlink=/etc/extensions/docker.raw
+systemd:
+  units:
+    - name: update-sysext.service
+      enabled: false
+      contents: |
+        [Unit]
+        Wants=network-online.target
+        After=network-online.target
+        [Service]
+        Type=oneshot
+        ExecStart=/usr/lib/systemd/systemd-sysupdate -C docker update
+        ExecStart=/usr/lib/systemd/systemd-sysupdate -C kubernetes update
+        # Add more components to update here:
+        # ExecStart=/usr/lib/systemd/systemd-sysupdate -C MORECOMPONENTS update
+        ExecStart=systemctl restart systemd-sysext
+        [Install]
+        Also=update-sysext.timer
+    - name: update-sysext.timer
+      enabled: true
+      contents: |
+        [Timer]
+        OnBootSec=15min
+        OnUnitActiveSec=2h
+        OnCalendar=Sat
+        RandomizedDelaySec=4h
+        Persistent=yes
+        [Install]
+        WantedBy=timers.target
 ```
 
 ### Creating a custom Docker sysext image