-
Notifications
You must be signed in to change notification settings - Fork 134
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Move default ssl-build directory to /var/lib/foreman-installer #722
base: develop
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is this part of the boot hook? That means it ends up being moved during yum upgrade
already since that runs migrations. It also means it doesn't respect --noop
and I suspect you can get some weird interactions where the directory is moved but the answers file isn't saved.
We should also make sure that sosreport doesn't need an update.
hooks/boot/30-move_ssl_build_dir.rb
Outdated
|
||
if module_enabled?('certs') | ||
if param('certs', 'ssl_build_dir') == old_ssl_build_dir | ||
if File.exist?(old_ssl_build_dir) && !File.exist?(new_ssl_build_dir) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What if the new build dir does exist?
Boot happens only after migrations, and that is why I chose it rather than actual migrations (https://github.com/theforeman/kafo/blob/master/lib/kafo/kafo_configure.rb#L140). I did not want this to happen during package upgrade as that felt prone to problems. And boot seemed the best hook to do it in, as it would happen before user input. I can make updates to handle I first wanted to float this general idea out there to gather an idea if others thought this was a good change to make. |
Looking at https://raw.githubusercontent.com/theforeman/kafo/master/doc/kafo_run.png a
Overall I'd be in favor. |
4f51f96
to
3ee95f6
Compare
The idea is to move away from using
/root/ssl-build
which users often do not like, and has a tendency to get deleted accidentally to a more appropriate location in/var/lib/foreman-installer
. This should be less prone to accidental removal and a better location for backup predictability, for a mounted volume and generally a better design. The tricky bit is what to do about existing/root/ssl-build
directories.For upgrades, this attempts to move them as part of the boot hook if they are found to the new location. The alternative approach would be to change it for new installs only and leave it for upgrades. This, however, creates a split experience for our users base and makes debugging harder.