foreman-installer icon indicating copy to clipboard operation
foreman-installer copied to clipboard

Published 20 hours ago verified publisher icon theforeman

Move default ssl-build directory to /var/lib/foreman-installer

Open ehelms opened this issue 2 years ago • 2 comments

The idea is to move away from using /root/ssl-build which users often do not like, and has a tendency to get deleted accidentally to a more appropriate location in /var/lib/foreman-installer. This should be less prone to accidental removal and a better location for backup predictability, for a mounted volume and generally a better design. The tricky bit is what to do about existing /root/ssl-build directories.

For upgrades, this attempts to move them as part of the boot hook if they are found to the new location. The alternative approach would be to change it for new installs only and leave it for upgrades. This, however, creates a split experience for our users base and makes debugging harder.

ehelms avatar Sep 07 '21 01:09 ehelms

Why is this part of the boot hook?

Boot happens only after migrations, and that is why I chose it rather than actual migrations (https://github.com/theforeman/kafo/blob/master/lib/kafo/kafo_configure.rb#L140). I did not want this to happen during package upgrade as that felt prone to problems. And boot seemed the best hook to do it in, as it would happen before user input.

I can make updates to handle --noop.

I first wanted to float this general idea out there to gather an idea if others thought this was a good change to make.

ehelms avatar Sep 07 '21 12:09 ehelms

Boot happens only after migrations, and that is why I chose it rather than actual migrations (https://github.com/theforeman/kafo/blob/master/lib/kafo/kafo_configure.rb#L140). I did not want this to happen during package upgrade as that felt prone to problems. And boot seemed the best hook to do it in, as it would happen before user input.

Looking at https://raw.githubusercontent.com/theforeman/kafo/master/doc/kafo_run.png a pre_migrations (if you want to run it via migrations) or pre (otherwise) hook feels better than a boot hook. Boot hooks are really intended for setting up the application, not doing any actual work.

I first wanted to float this general idea out there to gather an idea if others thought this was a good change to make.

Overall I'd be in favor. /root/ssl-build always felt weird to me. We can debate /var/lib/foreman-installer vs /var/lib/ssl-build or something else, but /var/lib does feel like a better home.

ekohl avatar Sep 07 '21 12:09 ekohl