fickit: New script to upgrade backend without reboot

configs/update-backend.sh

@@ -0,0 +1,11 @@
+#!/bin/sh
+
+IP_BACKEND=192.168.3.92
+IMG_BACKEND=fickit-backend-squashfs.img
+IMG_METADATA=fickit-metadata.iso
+
+echo "Sending image..."
+rsync -v -e ssh "${IMG_BACKEND}" "${IMG_METADATA}" "root@${IP_BACKEND}:/var/lib/fic/outofsync/" || exit 1
+
+echo "Done!"
+echo "Now, execute upgrade_image on backend, through iDRAC interface."

fickit-backend.yml

@@ -447,6 +447,39 @@ files:
       #!/bin/sh
       nsenter -t 1 -m ctr -n services.linuxkit t ls
     mode: "0755"
+  - path: usr/bin/upgrade_image
+    contents: |
+      #!/bin/sh
+
+      echo "Erasing image..."
+      [ -d /boot/imgs ] || mount /dev/sda1 /boot || exit 1
+      mv /var/lib/fic/outofsync/fickit-backend-squashfs.img /boot/imgs/fickit-backend-squashfs.img || \
+        exit 1
+
+      if [ $(sha3sum /var/lib/fic/outofsync/fickit-metadata.iso | cut -d " " -f 1) != $(sha3sum /boot/imgs/fickit-metadata.iso | cut -d " " -f 1) ]
+      then
+        ISO=$(mktemp -d)
+        mount /var/lib/fic/outofsync/fickit-metadata.iso "${ISO}"
+
+        NEW_KEY=$(sed -rn 's/.*"content": "([^"]+)"$/\1/p' "${ISO}/user-data" | head -n 1)
+        OLD_KEY=$(cat /run/config/dm-crypt/key)
+
+        [ "${NEW_KEY}" != "${OLD_KEY}" ] && {
+          read -p "DM-CRYPT key changed in metadata, are you sure you want to erase it? (y/N) " V
+          [ "$V" != "y" ] && [ "$V" != "Y" ] && exit 1;
+        };
+
+        cp /boot/imgs/fickit-metadata.iso /boot/imgs/fickit-metadata.iso.bak || exit 1;
+        mv /var/lib/fic/outofsync/fickit-metadata.iso /boot/imgs/fickit-backend-squashfs.img || exit 1;
+        dd if=/boot/imgs/fickit-metadata.iso of="$2" || exit 1;
+
+        echo
+        echo "Metadata erased"
+      fi
+
+      echo
+      echo "Done! You can reboot now."
+    mode: "0755"
   - path: usr/bin/iptables
     source: configs/nsenter_iptables.sh
     mode: "0755"