The service is started via systemd activation sockets.
The service serves http POST requests, the same json as before is
expected as the body of the request, and the same json as before is sent
as the response of the request.
There is no need for osbuild-composer to wait until the whole multi-user
target is completed. It can be started earlier as it doesn't have any
dependencies in the target.
This can be a problem if there is a unit in the target that is not starting
and still is unrelated to osbuild-composer. There was a bug like this
with Plymouth where the service didn't finish and it was hanging. That
prevented osbuild-composer from starting and the user was left with
working SSH connection and shell, but composer-cli and systemctl start
osbuild-composer.service were both unresponsive.
Replace After=multi-user.target with After=network.target to start
osbuild-composer earlier.
It should be totally possible to run osbuild-composer without the Weldr API
and local worker socket. This commit accomplishes this task!
In cloud environments where we don't want the Weldr API, it's now totally
possible to run osbuild-composer without it. If you also want to get rid of
the local worker, this command still works:
systemctl mask osbuild-worker@1.service
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Use $STATE_DIRECTORY environment variable which is set by systemd
because we use: StateDirectory=osbuild-composer in the service unit.
also change systemd unit to include STATE_DIRECTORY, because
RHEL comes with older systemd version, so we need to set this variable explicitly.
systemd >= 240 sets this variable to `/var/cache/` + the value of
CacheDirectory. osbuild-composer must run on earlier versions though
(specifically RHEL 8.2).
Without passing in a cachedir, dnf would create a random one for every
invocation. This meant that caches were never reused, nor cleaned up
properly.
Let systemd create a cache directory for us in /var/cache/ and use
that via the environment variable systemd sets for us.
Signed-off-by: Tom Gundersen <teg@jklm.no>
Rather than enabling the worker when composer is enabled, make sure
it is started whenever composer is.
This means that one worker instance is always available, and more can
be enabled if required. They are then also started whenever composer
is.
Signed-off-by: Tom Gundersen <teg@jklm.no>
This makes no difference, so let's just put them where the Fedora
guidelines say they should be.
Also, make sure to own the containing directory.
Signed-off-by: Tom Gundersen <teg@jklm.no>
This directory is currently only used for unix-domain sockets but they are created by systemd with the socket unit and therefore this line is redundant and maybe even causes problems.
We want the sockets to live even when the service is down (either because of error or intentional suspension) and it seems that setting the RuntimeDirectory to the directories that contain the sockets makes systemd remove both directories and unlink the sockets when the service fails and that is exactly what we don't want.
osbuild-composer now uses socket activation instead of hardcoded paths
in the code. osbuild-worker is an http client therefore it uses only
service unit. osbuild-worker must be started after the socket is
created. osbuild-composer service requires osbuild-worker to run, because without
it no jobs can be started.
osbuild-composer is executed as a regular user (newly created
_osbuild-composer user) as opposed to the worker which must run as root
in order to execute osbuild itself
