underpost 2.8.811 → 2.8.814

package/README.md

@@ -68,7 +68,7 @@ Run dev client server
 npm run dev
 ```
 <!-- -->
-## underpost ci/cd cli v2.8.811
+## underpost ci/cd cli v2.8.814
 
 ### Usage: `underpost [options] [command]`
   ```

package/bin/deploy.js

@@ -51,23 +51,21 @@ logger.info('argv', process.argv);
 
 const [exe, dir, operator] = process.argv;
 
-const updateVirtualRoot = async ({ IP_ADDRESS, architecture, host, nfsHostPath, ipaddr, update }) => {
+const updateVirtualRoot = async ({ IP_ADDRESS, architecture, host, nfsHostPath, ipaddr, update, gatewayip }) => {
   // <consumer_key>:<consumer_token>:<secret>
   const MAAS_API_TOKEN = shellExec(`maas apikey --username ${process.env.MAAS_ADMIN_USERNAME}`, {
     stdout: true,
   }).trim();
-  const [consumer_key, consumer_token, secret] = MAAS_API_TOKEN.split(`\n`)[1].split(':');
+  const [consumer_key, consumer_token, secret] = MAAS_API_TOKEN.split(`\n`)[0].split(':');
   const chronyConfPath = `/etc/chrony/chrony.conf`;
   const timezone = 'America/New_York';
-  const timeZoneSteps = [
-    `apt-get update`,
 
+  const timeZoneSteps = [
     `export DEBIAN_FRONTEND=noninteractive`,
 
     `ln -fs /usr/share/zoneinfo/${timezone} /etc/localtime`,
 
-    `DEBIAN_FRONTEND=noninteractive apt-get install -y tzdata`,
-    `dpkg-reconfigure --frontend noninteractive tzdata`,
+    `sudo dpkg-reconfigure --frontend noninteractive tzdata`,
   ];
   const keyboardSteps = [
     `sudo locale-gen en_US.UTF-8`,
@@ -76,49 +74,27 @@ const updateVirtualRoot = async ({ IP_ADDRESS, architecture, host, nfsHostPath,
     `sudo dpkg-reconfigure --frontend noninteractive keyboard-configuration`,
     `sudo systemctl restart keyboard-setup.service`,
   ];
+  // #  - ${JSON.stringify([...timeZoneSteps, ...chronySetUp(chronyConfPath)])}
   const installSteps = [
-    `apt update`,
-    `apt install -y cloud-init systemd-sysv openssh-server sudo locales udev util-linux systemd-sysv iproute2 netplan.io ca-certificates curl wget chrony keyboard-configuration`,
-    `ln -sf /lib/systemd/systemd /sbin/init`,
-
-    `echo 'deb http://ports.ubuntu.com/ubuntu-ports noble main restricted universe multiverse
+    `cat <<EOF | tee /etc/apt/sources.list
+deb http://ports.ubuntu.com/ubuntu-ports noble main restricted universe multiverse
 deb http://ports.ubuntu.com/ubuntu-ports noble-updates main restricted universe multiverse
 deb http://ports.ubuntu.com/ubuntu-ports noble-security main restricted universe multiverse
+EOF`,
 
-# Uncomment the following lines if you also need source packages (for building from source)
-# deb-src http://ports.ubuntu.com/ubuntu-ports noble main restricted universe multiverse
-# deb-src http://ports.ubuntu.com/ubuntu-ports noble-updates main restricted universe multiverse
-# deb-src http://ports.ubuntu.com/ubuntu-ports noble-security main restricted universe multiverse
-' > /etc/apt/sources.list`,
-    `apt update`,
+    `apt update -qq`,
     `apt -y full-upgrade`,
+    `apt install -y xinput x11-xkb-utils usbutils`,
     // `apt install -y cloud-init=25.1.2-0ubuntu0~24.04.1`,
+    `apt install -y cloud-init systemd-sysv openssh-server sudo locales udev util-linux systemd-sysv iproute2 netplan.io ca-certificates curl wget chrony`,
+    `ln -sf /lib/systemd/systemd /sbin/init`,
 
-    `systemctl enable ssh`,
-
-    `apt update -qq`,
-    `apt install -y xinput x11-xkb-utils usbutils`,
+    `apt-get update`,
+    `DEBIAN_FRONTEND=noninteractive apt-get install -y apt-utils`,
+    `DEBIAN_FRONTEND=noninteractive apt-get install -y tzdata kmod keyboard-configuration console-setup`,
   ];
 
   let steps = [
-    // `date -s "${shellExec(`date '+%Y-%m-%d %H:%M:%S'`, { stdout: true }).trim()}"`,
-    // `date`,
-
-    ...timeZoneSteps,
-    ...chronySetUp(chronyConfPath),
-
-    // Create root user
-    `useradd -m -s /bin/bash -G sudo root`,
-    `echo 'root:root' | chpasswd`,
-    `mkdir -p /home/root/.ssh`,
-    `echo '${fs.readFileSync(
-      `/home/dd/engine/engine-private/deploy/id_rsa.pub`,
-      'utf8',
-    )}' > /home/root/.ssh/authorized_keys`,
-    `chown -R root /home/root/.ssh`,
-    `chmod 700 /home/root/.ssh`,
-    `chmod 600 /home/root/.ssh/authorized_keys`,
-
     // Configure cloud-init for MAAS
     `cat <<EOF_MAAS_CFG > /etc/cloud/cloud.cfg.d/90_maas.cfg
 #cloud-config
@@ -192,6 +168,9 @@ network:
         dhcp4: true
         addresses:
           - ${ipaddr}/24
+#         routes:
+#           - to: default
+#             via: ${gatewayip}
 
 # chpasswd:
 #   expire: false
@@ -209,40 +188,48 @@ bootcmd:
   - echo "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -"
   - echo "Init bootcmd"
   - echo "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -"
-#  - ${JSON.stringify([...timeZoneSteps, ...chronySetUp(chronyConfPath)])}
 runcmd:
   - echo "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -"
   - echo "Init runcmd"
   - echo "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -"
 EOF_MAAS_CFG`,
-    ...keyboardSteps,
   ];
 
-  if (!update) {
-    steps = installSteps.concat(steps);
-  }
+  const runSteps = (steps = []) => {
+    const script = steps
+      .map(
+        (s, i) => `echo "step ${i + 1}/${steps.length}: ${s.split('\n')[0]}"
+${s}`,
+      )
+      .join('\n');
 
-  shellExec(`sudo chroot ${nfsHostPath} /usr/bin/qemu-aarch64-static /bin/bash <<'EOF'
-${steps
-  .map(
-    (s, i) => `echo "step ${i + 1}/${steps.length}: ${s.split('\n')[0]}"
-${s}
-`,
-  )
-  .join(``)}
-EOF`);
+    const cmd = `sudo chroot ${nfsHostPath} /usr/bin/qemu-aarch64-static /bin/bash <<'EOF_OUTER'
+${script}
+EOF_OUTER`;
 
-  shellExec(`sudo chroot ${nfsHostPath} /usr/bin/qemu-aarch64-static /bin/bash <<'EOF'
-echo "nameserver ${process.env.MAAS_DNS}" | tee /etc/resolv.conf > /dev/null
-apt update
-EOF`);
+    shellExec(cmd);
+  };
 
   if (update) {
+    // --reboot
     shellExec(`sudo chroot ${nfsHostPath} /usr/bin/qemu-aarch64-static /bin/bash <<'EOF'
-sudo cloud-init clean --logs --reboot
+sudo cloud-init clean --logs --seed --configs all --machine-id
+sudo rm -rf /var/lib/cloud/*
 EOF`);
-    fs.writeFileSync(`${nfsHostPath}/var/log/cloud-init.log`, '', 'utf8');
 
+    if (fs.existsSync(`${nfsHostPath}/var/log/`)) {
+      fs.writeFileSync(`${nfsHostPath}/var/log/cloud-init.log`, '', 'utf8');
+      fs.writeFileSync(`${nfsHostPath}/var/log/cloud-init-output.log`, '', 'utf8');
+    }
+
+    runSteps(steps);
+  } else {
+    runSteps(installSteps.concat(steps));
+
+    shellExec(`sudo chroot ${nfsHostPath} /usr/bin/qemu-aarch64-static /bin/bash <<'EOF'
+echo "nameserver ${process.env.MAAS_DNS}" | tee /etc/resolv.conf > /dev/null
+apt update
+EOF`);
     fs.writeFileSync(
       `${nfsHostPath}/dns.sh`,
       `rm /etc/resolv.conf
@@ -250,6 +237,41 @@ echo 'nameserver 8.8.8.8' > /run/systemd/resolve/stub-resolv.conf
 ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf`,
       'utf8',
     );
+
+    runSteps([
+      // `date -s "${shellExec(`date '+%Y-%m-%d %H:%M:%S'`, { stdout: true }).trim()}"`,
+      // `date`,
+      ...timeZoneSteps,
+      ...chronySetUp(chronyConfPath),
+      ...keyboardSteps,
+    ]);
+
+    runSteps([
+      `useradd -m -s /bin/bash -G sudo root`,
+      `echo 'root:root' | chpasswd`,
+      `mkdir -p /home/root/.ssh`,
+      `echo '${fs.readFileSync(
+        `/home/dd/engine/engine-private/deploy/id_rsa.pub`,
+        'utf8',
+      )}' > /home/root/.ssh/authorized_keys`,
+      `chown -R root /home/root/.ssh`,
+      `chmod 700 /home/root/.ssh`,
+      `chmod 600 /home/root/.ssh/authorized_keys`,
+    ]);
+  }
+
+  logger.info('Check virtual root user config');
+  {
+    const cmd = `sudo chroot ${nfsHostPath} /usr/bin/qemu-aarch64-static /bin/bash <<'EOF_OUTER'
+echo -e "\n=== Current date/time ==="
+date '+%Y-%m-%d %H:%M:%S'
+echo -e "\n=== Keyboard layout ==="
+cat /etc/default/keyboard
+echo -e "\n=== Registered users ==="
+cut -d: -f1 /etc/passwd
+EOF_OUTER`;
+
+    shellExec(cmd);
   }
 };
 
@@ -259,7 +281,7 @@ const chronySetUp = (path) => {
 # Use public servers from the pool.ntp.org project.
 # Please consider joining the pool (http://www.pool.ntp.org/join.html).
 # pool 2.pool.ntp.org iburst
-server ntp.ubuntu.com iburst
+server ${process.env.MAAS_NTP_SERVER} iburst
 
 # Record the rate at which the system clock gains/losses time.
 driftfile /var/lib/chrony/drift
@@ -1751,7 +1773,6 @@ EOF`);
 
       switch (process.argv[3]) {
         case 'rpi4mb':
-          const resourceId = process.argv[4] ?? '12';
           tftpSubDir = '/rpi4mb';
           zipFirmwareFileName = `RPi4_UEFI_Firmware_v1.41.zip`;
           zipFirmwareName = zipFirmwareFileName.split('.zip')[0];
@@ -1763,7 +1784,7 @@ EOF`);
             await Downloader(zipFirmwareUrl, `../${zipFirmwareFileName}`);
             shellExec(`cd .. && mkdir ${zipFirmwareName} && cd ${zipFirmwareName} && unzip ../${zipFirmwareFileName}`);
           }
-          resource = resources.find((o) => o.id == resourceId);
+          resource = resources.find((o) => o.architecture === 'arm64/ga-24.04' && o.name === 'ubuntu/noble');
           name = resource.name;
           architecture = resource.architecture;
           resource = resources.find((o) => o.name === name && o.architecture === architecture);
@@ -2078,8 +2099,9 @@ BOOT_ORDER=0x21`;
             newMachine = machineFactory(JSON.parse(newMachine));
             machines.push(newMachine);
             console.log(newMachine);
+            // commissioning_scripts=90-verify-user.sh
             shellExec(
-              `maas ${process.env.MAAS_ADMIN_USERNAME} machine commission ${newMachine.system_id}  enable_ssh=1 commissioning_scripts=90-verify-user.sh skip_bmc_config=1 skip_networking=1 skip_storage=1`,
+              `maas ${process.env.MAAS_ADMIN_USERNAME} machine commission ${newMachine.system_id} enable_ssh=1 skip_bmc_config=1 skip_networking=1 skip_storage=1`,
               {
                 silent: true,
               },
@@ -2185,6 +2207,7 @@ udp-port = 32766
       const host = process.argv[4];
       const nfsHostPath = `${process.env.NFS_EXPORT_PATH}/${host}`;
       const ipaddr = process.env.RPI4_IP;
+      const gatewayip = process.env.GATEWAY_IP;
       await updateVirtualRoot({
         IP_ADDRESS,
         architecture,
@@ -2192,6 +2215,7 @@ udp-port = 32766
         nfsHostPath,
         ipaddr,
         update: true,
+        gatewayip,
       });
       break;
     }
@@ -2201,6 +2225,7 @@ udp-port = 32766
       const architecture = process.argv[3];
       const host = process.argv[4];
       const nfsHostPath = `${process.env.NFS_EXPORT_PATH}/${host}`;
+      const gatewayip = process.env.GATEWAY_IP;
       shellExec(`sudo dnf install -y iptables-legacy`);
       shellExec(`sudo dnf install -y debootstrap`);
       shellExec(`sudo dnf install kernel-modules-extra-$(uname -r)`);
@@ -2279,6 +2304,7 @@ EOF`);
               host,
               nfsHostPath,
               ipaddr,
+              gatewayip,
             });
 
             break;
@@ -2302,6 +2328,7 @@ EOF`);
       shellExec(`sudo umount ${nfsHostPath}/sys`);
       shellExec(`sudo umount ${nfsHostPath}/dev/pts`);
       shellExec(`sudo umount ${nfsHostPath}/dev`);
+      shellExec(`sudo umount ${nfsHostPath}/run`);
       // shellExec(`sudo umount ${nfsHostPath}/lib/modules`);
       break;
     }

package/cli.md

@@ -1,4 +1,4 @@
-## underpost ci/cd cli v2.8.811
+## underpost ci/cd cli v2.8.814
 
 ### Usage: `underpost [options] [command]`
   ```

package/docker-compose.yml

@@ -58,7 +58,7 @@ services:
           cpus: '0.25'
           memory: 20M
     labels: # labels in Compose file instead of Dockerfile
-      engine.version: '2.8.811'
+      engine.version: '2.8.814'
     networks:
       - load-balancer
 

package/manifests/deployment/dd-template-development/deployment.yaml

@@ -17,7 +17,7 @@ spec:
     spec:
       containers:
         - name: dd-template-development-blue
-          image: localhost/rockylinux9-underpost:v2.8.811
+          image: localhost/rockylinux9-underpost:v2.8.814
           #          resources:
           #            requests:
           #              memory: "124Ki"
@@ -100,7 +100,7 @@ spec:
     spec:
       containers:
         - name: dd-template-development-green
-          image: localhost/rockylinux9-underpost:v2.8.811
+          image: localhost/rockylinux9-underpost:v2.8.814
           #          resources:
           #            requests:
           #              memory: "124Ki"

package/package.json

@@ -2,7 +2,7 @@
     "type": "module",
     "main": "src/index.js",
     "name": "underpost",
-    "version": "2.8.811",
+    "version": "2.8.814",
     "description": "pwa api rest template",
     "scripts": {
         "start": "env-cmd -f .env.production node --max-old-space-size=8192 src/server",

package/src/cli/cluster.js

@@ -508,20 +508,24 @@ net.ipv4.ip_forward = 1' | sudo tee ${iptableConfPath}`);
         logger.info('Phase 1/6: Cleaning up Kubernetes resources (PVCs, PVs) while API server is accessible...');
 
         // Get all Persistent Volumes and identify their host paths for data deletion.
-        const pvListJson = shellExec(`kubectl get pv -o json || echo '{"items":[]}'`, { stdout: true, silent: true });
-        const pvList = JSON.parse(pvListJson);
-
-        if (pvList.items && pvList.items.length > 0) {
-          for (const pv of pvList.items) {
-            // Check if the PV uses hostPath and delete its contents
-            if (pv.spec.hostPath && pv.spec.hostPath.path) {
-              const hostPath = pv.spec.hostPath.path;
-              logger.info(`Removing data from host path for PV '${pv.metadata.name}': ${hostPath}`);
-              shellExec(`sudo rm -rf ${hostPath}/* || true`);
+        try {
+          const pvListJson = shellExec(`kubectl get pv -o json || echo '{"items":[]}'`, { stdout: true, silent: true });
+          const pvList = JSON.parse(pvListJson);
+
+          if (pvList.items && pvList.items.length > 0) {
+            for (const pv of pvList.items) {
+              // Check if the PV uses hostPath and delete its contents
+              if (pv.spec.hostPath && pv.spec.hostPath.path) {
+                const hostPath = pv.spec.hostPath.path;
+                logger.info(`Removing data from host path for PV '${pv.metadata.name}': ${hostPath}`);
+                shellExec(`sudo rm -rf ${hostPath}/* || true`);
+              }
             }
+          } else {
+            logger.info('No Persistent Volumes found with hostPath to clean up.');
           }
-        } else {
-          logger.info('No Persistent Volumes found with hostPath to clean up.');
+        } catch (error) {
+          logger.error('Failed to clean up Persistent Volumes:', error);
         }
 
         // Phase 2: Stop Kubelet/K3s agent and remove CNI configuration

package/src/index.js

@@ -32,7 +32,7 @@ class Underpost {
    * @type {String}
    * @memberof Underpost
    */
-  static version = 'v2.8.811';
+  static version = 'v2.8.814';
   /**
    * Repository cli API
    * @static

package/src/runtime/lampp/Dockerfile

@@ -1,21 +1,13 @@
-# Use Rocky Linux 9 as the base image
 FROM rockylinux:9
 
-# Set environment variable for non-interactive mode (though less critical for DNF than APT)
-ENV DNF_ASSUMEYES=1
+RUN dnf install -y --allowerasing bzip2
 
-# Set root password to root
-RUN echo 'root:root' | chpasswd
-
-# Update system packages and install EPEL, then essential tools
-# DNF is the package manager for Rocky Linux (RHEL-based)
 RUN dnf update -y
 RUN dnf install -y epel-release
 RUN dnf install -y --allowerasing sudo
 RUN dnf install -y --allowerasing curl
 RUN dnf install -y --allowerasing net-tools
 RUN dnf install -y --allowerasing openssh-server
-RUN dnf install -y --allowerasing supervisor
 RUN dnf install -y --allowerasing nano
 RUN dnf install -y --allowerasing vim-enhanced
 RUN dnf install -y --allowerasing less
@@ -25,11 +17,6 @@ RUN dnf install -y --allowerasing git
 RUN dnf install -y --allowerasing gnupg2
 RUN dnf clean all
 
-# Configure SSH
-RUN mkdir -p /var/run/sshd
-# Allow root login via password
-RUN sed -ri 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config
-
 # Install LAMPP (XAMPP)
 # Download the XAMPP installer for Linux
 RUN curl -Lo xampp-linux-installer.run https://sourceforge.net/projects/xampp/files/XAMPP%20Linux/7.4.33/xampp-linux-x64-7.4.33-0-installer.run?from_af=true
@@ -53,7 +40,6 @@ RUN mkdir /www
 RUN ln -s /www /opt/lampp/htdocs
 
 # Install Node.js
-# Add NodeSource repository for Node.js 23.x (for RHEL-based systems)
 RUN curl -fsSL https://rpm.nodesource.com/setup_23.x | bash -
 RUN dnf install nodejs -y
 RUN dnf clean all
@@ -71,25 +57,3 @@ EXPOSE 80
 EXPOSE 443
 EXPOSE 3000-3100
 EXPOSE 4000-4100
-
-# Default command to start SSH and XAMPP (Apache and MySQL)
-# Using supervisord to manage multiple processes
-CMD ["/usr/bin/supervisord", "-n"]
-
-# To run XAMPP services under supervisord, you'll need to add a supervisord configuration file.
-# For example, create a file named /etc/supervisord.d/xampp.ini inside the container:
-#
-# [program:sshd]
-# command=/usr/sbin/sshd -D
-# autostart=true
-# autorestart=true
-#
-# [program:apache]
-# command=/opt/lampp/bin/apachectl start
-# autostart=true
-# autorestart=true
-#
-# [program:mysql]
-# command=/opt/lampp/bin/mysql.server start
-# autostart=true
-# autorestart=true