particle-os/particle-os-modules
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
particle-os-modules/modules/brew
History
Thomas Mecattaf a7e074fe36
feat: Add Brew module (#239) 
* feat(brew): add new Brew module for Homebrew installation and management

* feat(brew): add new Brew module for Homebrew installation and management

* feat(brew): part 2 of adding new Brew module for Homebrew installation and management

* feat(brew): part 2.2 of adding new Brew module for Homebrew installation and management

* feat(brew): part 3 of adding new Brew module for Homebrew installation and management

* docs: Add kebab-cases for module entries in README

* docs: Don't add whitespaces in module.yml

* chore: Use arrays for package list & add quotes + brackets to some strings

to make it more safe.

* feat(brew): systemd services and timers written dynamically

* feat(brew): systemd services and timers written dynamically 2

* feat(brew): clean up fish completion file name

* chore: Remove duplicate brew completions file

* feat(brew): tweak in brew.sh 3

* chore: Rename shell completion to completions pt. 1

* chore: Rename shell completion to completions pt. 2

* chore: Rename shell completion to completions pt. 3

* feat(brew): Nofile Limits flag, update brew.sh module.yml and README.md

* feat(brew): Brew analytics opt-out flag

* Brew Analytics Enabled by default in docs

* docs: `build-time` instead of `build time`

* docs: Improve `gcc` package log explanation

* fix(brew): Fetching YAML entries due to miss of transition from `_` to `-`

* chore(brew): Improve disabling analytics write to `environment`

* chore(brew): Add script for modifying nofile limit

* chore(brew): Forgot to source the nofile script

* chore(brew): Disable option of installing packages pt.1

* chore(brew): Disable option of installing packages pt.2

* chore(brew): Disable option of installing packages pt.3

* docs(brew): Remove installing packages as a feature

* chore(brew): Add more logs

* chore(brew): Fix typos in logs

* fix(brew): Use `awk` instead of `grep` which fails for stupid reason

Without any error logs either.

* fix(brew): Update & upgrade permutation

* docs(brew): Fix upgrade & update permutation

* chore(brew): Make small tweaks to brew-analytics

If environment is empty, than don't make the extra whiteline

* docs(brew): Slight order adjustment in README inside "Features"

* docs(brew): Add link to Homebrew

* docs(brew): Add note about uninstalling brew

* docs(brew): Include explanation on why manual uninstallation is necessary

Also give big thanks to M2

* docs(brew): Further explain on why the manual uninstallation is needed

* docs(brew): Add link to files module documentation

* docs(brew): Be more detailed about how the module works

* docs(brew): Some small fixes & restore credits

* docs(brew): Rename Brew to Linuxbrew

Co-authored-by: xyny <60004820+xynydev@users.noreply.github.com>

* docs(brew): Change features wording

Co-authored-by: xyny <60004820+xynydev@users.noreply.github.com>

* docs(brew): Reword update & upgrade wording

* docs(brew): Move update & upgrade service labels above timers

* docs(brew): Change brew documentation wording

Co-authored-by: xyny <60004820+xynydev@users.noreply.github.com>

* docs(brew): Syntax highlighting for bash script

Co-authored-by: xyny <60004820+xynydev@users.noreply.github.com>

* docs(brew): Improve uninstallation intro wording

Co-authored-by: xyny <60004820+xynydev@users.noreply.github.com>

* docs(brew): Move brew-analytics above warning

* docs(brew): Update update/upgrade ordering pt. 1

* docs(brew): Update update/upgrade naming pt. 2

* docs(brew): Update update/upgrade order pt. 3

* chore(brew): Use `#!/usr/bin/env fish` instead of `#!/usr/bin/fish`

Co-authored-by: xyny <60004820+xynydev@users.noreply.github.com>

* chore(brew): Use `#!/usr/bin/env bash` instead of `#!/bin/sh`

Co-authored-by: xyny <60004820+xynydev@users.noreply.github.com>

* chore(brew): Set shellcheck from sh to bash

Co-authored-by: xyny <60004820+xynydev@users.noreply.github.com>

* fix(brew): Convert SH-ism to bash in bash completion

* chore(brew): Use double brackets in bash shell completion

* chore(brew): Make rc in brackets

* chore(brew): Use more double brackets

* chore(brew): Add more double brackets pt. 2

* chore(brew): Make bash shell completion spacing better

* chore(brew): Revert to `bash-completions` completion

* docs(brew): Add comment about why bash completion uses sh

* fix(brew): Apply brew path clash fix

* docs(brew): Explain brew path clash fix

* docs(brew): Add file location of brew path fix

* docs(brew): Reword exporting brew path

* docs(brew): Reword again

* docs(brew): Reword...

* chore(brew): Copy bash completion to `/usr/etc` instead of `/etc`

* chore(brew): Make `/usr/etc/profile.d` if it doesn't exist

* docs(brew): Fix typo in README

* docs(brew): Use caution card instead of warning string

* docs(brew): Brew path reword

Co-authored-by: xyny <60004820+xynydev@users.noreply.github.com>

* chore(brew): Implement code comment fix

Co-authored-by: xyny <60004820+xynydev@users.noreply.github.com>

* docs(brew): Try to improve `nofile-limits` section

* docs(brew): Use serverfault link instead

* docs(brew): Thread, not article

* docs(brew): Improve Configuration section

* docs(brew): Than vs then

Love to mess this one

* docs(brew): Uninstall script wording fix

---------

Co-authored-by: fiftydinar <65243233+fiftydinar@users.noreply.github.com>
Co-authored-by: xyny <60004820+xynydev@users.noreply.github.com>
2024-06-03 09:25:45 +00:00
..
brew-bash-completions.sh feat: Add Brew module (#239) 2024-06-03 09:25:45 +00:00
brew-fish-completions.fish feat: Add Brew module (#239) 2024-06-03 09:25:45 +00:00
brew-nofile-limits-logic.sh feat: Add Brew module (#239) 2024-06-03 09:25:45 +00:00
brew.sh feat: Add Brew module (#239) 2024-06-03 09:25:45 +00:00
module.yml feat: Add Brew module (#239) 2024-06-03 09:25:45 +00:00
README.md feat: Add Brew module (#239) 2024-06-03 09:25:45 +00:00

README.md

brew

The brew module installs Homebrew/Linuxbrew on your system and ensures the package manager remains updated and maintained. This module also sets up systemd services to periodically update the installed Brew packages.

Features

  • Installs Brew at build-time.
  • Sets up systemd services to automatically update Brew to the latest version.
  • Sets up systemd services to automatically upgrade Brew packages.
  • Sets up bash and fish completions for Brew.

How it works

Directory paths glossary:

  • /home/ is a symlink to /var/home/
  • /root/ is a symlink to /var/roothome/

Build-time:

  • Directories /home/ & /root/ are created
  • Empty .dockerenv file is created in the root of the image-builder, to convince official Brew installation script that we are not running as root
  • Official brew installation script is downloaded & executed
  • Brew is extracted to /home/linuxbrew/ by the official script (/root/ is needed, since image-builds are running as root)
  • Brew in /home/linuxbrew/ is compressed in tar, copied to /usr/share/homebrew/ & permissions to it are set to default user (UID 1000)
  • brew-update & brew-upgrade SystemD service timers are enabled (by default)
  • A fix for path conflicts between system & brew packages with the same name is applied by adding Brew to path only in interactive shells, unlike what Brew does by default.
  • Brew bash & fish shell completions are copied to /etc/profile.d/brew-bash-completions.sh & /usr/share/fish/vendor_conf.d/brew-fish-completions.fish
  • tmpfiles.d configuration homebrew.conf is written with these directory locations:
    • /var/lib/homebrew/
    • /var/cache/homebrew/
    • /home/linuxbrew/
  • brew-setup service is enabled

Boot-time:

tmpfiles.d homebrew.conf:

  • This configuration is telling SystemD to: automatically create these necessary directories on every system boot if not available & to give them permissions of the default user (UID 1000):
    • /var/lib/homebrew/
    • /var/cache/homebrew/
    • /home/linuxbrew/

brew-setup:

  • brew-setup SystemD service checks if main directory used by Brew exists (/home/linuxbrew/.linuxbrew/)
    & if brew-setup state file exists (/etc/.linuxbrew)
  • If one of those paths don't exist, then Homebrew tar is extracted from /usr/share/homebrew/homebrew.tar.zst to /tmp/homebrew/
  • Extracted Homebrew is then copied from /tmp/homebrew/ to /home/linuxbrew/ & permissions to it are set to default user (UID 1000)
  • Temporary directory /tmp/homebrew/ is removed
  • Empty file /etc/.linuxbrew is created, which indicates that brew-setup (installation) is successful & which allows setup to run again on next boot when removed

Rest of the setup:

  • brew-update runs at the specified time to update Brew to the latest version
  • brew-upgrade runs at the specified time to upgrade Brew packages

Configuration Options

Update

Brew update operation updates the Brew binary to latest version.

auto-update (optional: boolean, default: true)

If false, disables automatic activation of brew-update.timer.

update-interval (optional: string, default: '6h')

Defines how often the Brew update service should run. The string is passed directly to OnUnitInactiveSec in systemd timer. (Syntax: ['1d', '6h', '10m']).

update-wait-after-boot (optional: string, default: '10min')

Time delay after system boot before the first Brew update runs. The string is passed directly to OnBootSec in systemd timer. (Syntax: ['1d', '6h', '10m']).

Upgrade

Brew upgrade operation upgrades all installed Brew packages to latest version.

auto-upgrade (optional: boolean, default: true)

If false, disables automatic activation of brew-upgrade.timer.

upgrade-interval (optional: string, default: '8h')

Defines how often the Brew upgrade service should run. The string is passed directly to OnUnitInactiveSec in systemd timer. (Syntax: ['1d', '6h', '10m']).

upgrade-wait-after-boot (optional: string, default: '30min')

Time delay after system boot before the first Brew package upgrade runs. The string is passed directly to OnBootSec in systemd timer. (Syntax: ['1d', '6h', '10m']).

Analytics

Brew analytics are used to anonymously collect the information about Brew usage & system, in order to improve the experience of Brew users.

brew-analytics (optional: boolean, default: true)

Determines whether to opt-out of Brew analytics. When set to true, analytics are enabled.

:::caution Please review the Brew documentation carefully before modifying the settings above. :::

Nofile limits

Nofile limit refers to the maximum number of open files for a single process. For more information about this, you can read this thread:
https://serverfault.com/questions/577437/what-is-the-impact-of-increasing-nofile-limits-in-etc-security-limits-conf

nofile-limits (optional: boolean, default: false)

Determines whether to increase nofile limits for Brew installations.
When set to true, it increases the nofile limits to prevent certain "I/O heavy" Brew packages from failing due to "too many open files" error. However, it's important to note that increasing nofile limits can have potential security implications for malicious applications which would try to abuse storage I/O. Defaults to false for security purposes.

Development

Setting DEBUG=true inside brew.sh will enable additional output for debugging purposes during development.

Uninstallation

Removing the brew module from the recipe is not enough to get it completely removed.
On a booted system, it's also necessary to run the brew uninstallation script.

Either a local-user can execute this script manually or the image-maintainer may make it automatic through a custom systemd service.

Uninstallation script:

#!/usr/bin/env bash

# Remove Homebrew cache
if [[ -d "${HOME}/cache/Homebrew/" ]]; then
  echo "Removing '$HOME/cache/Homebrew/' directory"
  rm -r "${HOME}/cache/Homebrew/"
else
  echo "'${HOME}/cache/Homebrew/' directory is already removed"
fi

# Remove folders created by tmpfiles.d
if [[ -d "/var/lib/homebrew/" ]]; then
  echo "Removing '/var/lib/homebrew/' directory"
  sudo rm -rf "/var/lib/homebrew/"
else
  echo "'/var/lib/homebrew/' directory is already removed"
fi
if [[ -d "/var/cache/homebrew/" ]]; then
  echo "Removing '/var/cache/homebrew/' directory"
  sudo rm -rf "/var/cache/homebrew/"
else
  echo "'/var/cache/homebrew/' directory is already removed"
fi
## This is the main directory where brew is located
if [[ -d "/var/home/linuxbrew/" ]]; then
  echo "Removing '/var/home/homebrew/' directory"
  sudo rm -rf "/var/home/linuxbrew/"
else
  echo "'/home/homebrew/' directory is already removed"
fi

# Remove redundant brew-setup service state file
if [[ -f "/etc/.linuxbrew" ]]; then
  echo "Removing empty '/etc/.linuxbrew' file"
  sudo rm -f "/etc/.linuxbrew"
else
  echo "'/etc/.linuxbrew' file is already removed"
fi

Credits

Thanks a lot to Bluefin custom image maintainer m2giles, who made this entire module possible.
In fact, the module's logic of installing & updating/upgrading Brew is fully copied from him & Bluefin, we just made it easier & more convenient to use for BlueBuild users.