# Privileged self-update unit for the Sando controller.
#
# Instance name = the target git sha, e.g. `sando-update@<40-hex>.service`.
# Triggered by sandod's POST /self-update (the sando user is authorized to
# start this template by the polkit rule 10-sando-update.rules) — sandod itself
# runs unprivileged and cannot install a binary or restart its own service.
#
# Install (one-time, as root):
#   sudo install -m 0755 sando-self-update.sh /usr/local/lib/sando/sando-self-update.sh
#   sudo install -m 0644 sando-update@.service /etc/systemd/system/
#   sudo install -m 0644 10-sando-update.rules /etc/polkit-1/rules.d/
#   sudo systemctl daemon-reload
#
# Watch a run: journalctl -u sando-update@<sha> -f
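[Unit]
Description=Sando controller self-update to %i
# Wait for the network before the update starts (the update presumably fetches
# from the operator-set upstream URL; confirm against the script).
# After= is ordering only and does not pull network-online.target into the
# transaction; Wants= is what requests it, so the two are paired.
# NOTE(review): this unit declares nothing that protects an in-flight sandod
# job from the restart; if that matters it has to be handled by the script.
Wants=network-online.target
After=network-online.target
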
[Service]
# No User= is set, so the script runs as root; per the original note the build
# step drops to the sando user inside the script, and only the install and the
# service restart use root.
# NOTE(review): no sandboxing directives are set; evaluate options such as
# PrivateTmp= or ProtectHome= against what the script needs.
Type=oneshot
# Optional operator settings (upstream URL, build user, paths); the leading "-"
# makes a missing file non-fatal.
# NOTE(review): these values reach a root process. Confirm that
# /etc/sando/sando.env and /etc/sando are root-owned and not writable by the
# sando user.
EnvironmentFile=-/etc/sando/sando.env
# %i is the instance name, chosen by whoever starts the unit (the unprivileged
# sando user, via the polkit rule named in the file header).
# NOTE(review): confirm sando-self-update.sh accepts only a 40-character hex
# sha and rejects anything else before using the value.
ExecStart=/usr/local/lib/sando/sando-self-update.sh %i
# Seconds (30 minutes) allowed for the whole oneshot run.
TimeoutStartSec=1800
# Both output streams go to the journal under one identifier.
SyslogIdentifier=sando-update
StandardOutput=journal
StandardError=journal