layer: Add Raspberry Pi Connect #117
Conversation
|
fyi @tdewey-rpi @mudge |
|
LGTM. I assume we'll add another example os-target that includes one of these layers at a later point? |
We are very light on example configs but it's intentional as we deliberately don't want to say 'here's one that everybody must use'. Connect can be included in the build like this: ...or by adding rpi-connect (or rpi-connect-lite) as a dependency (via Supplying the auth token keyfile is a customisation step that should hopefully be self-explanatory, but I wondered if I should add something to each layer's |
|
This works for me. The auth.key support is the only part I would question - is the idea that one would pass IGconf_connect_authkey on the rpi-image-gen command line? |
Either cmdline or via a config variable would work, eg I would imagine it's better suited being driven via the environment when held in an env variable, eg ...or maybe in a variable referenced by the config file, eg: All of those schemes will work. It's possible to define any variable via the config system (including auto-generating the file via custom means), so if a user had their own section (acme) they could have their static base.yaml, then include that from an auto-generated file which reads an env var holding the path to the token keyfile, eg: ...then run |
| uchroot "$1" 'umask 077; cat > "${HOME}/.config/com.raspberrypi.connect/auth.key"' < "$IGconf_connect_authkey" | ||
| fi | ||
| - uchroot "$1" 'mkdir -p ${HOME}/.config/systemd/user/default.target.wants' | ||
| - uchroot "$1" 'ln -sf /usr/lib/systemd/user/rpi-connect-signin.service ${HOME}/.config/systemd/user/default.target.wants/rpi-connect-signin.service' |
There was a problem hiding this comment.
As the rpi-connect-signin.service is WantedBy rpi-connect.service, should this be in .config/systemd/user/rpi-connect.service.wants (which is where systemctl --user enable rpi-connect-signin.service puts it)?
| - uchroot "$1" 'ln -sf /usr/lib/systemd/user/rpi-connect-signin.service ${HOME}/.config/systemd/user/default.target.wants/rpi-connect-signin.service' | |
| - uchroot "$1" 'mkdir -p ${HOME}/.config/systemd/user/rpi-connect.service.wants' | |
| - uchroot "$1" 'ln -sf /usr/lib/systemd/user/rpi-connect-signin.service ${HOME}/.config/systemd/user/rpi-connect.service.wants/rpi-connect-signin.service' |
layer/rpi/services/rpi-connect.yaml
Outdated
| uchroot "$1" 'umask 077; cat > "${HOME}/.config/com.raspberrypi.connect/auth.key"' < "$IGconf_connect_authkey" | ||
| fi | ||
| - uchroot "$1" 'mkdir -p ${HOME}/.config/systemd/user/default.target.wants' | ||
| - uchroot "$1" 'ln -sf /usr/lib/systemd/user/rpi-connect-signin.service ${HOME}/.config/systemd/user/default.target.wants/rpi-connect-signin.service' |
There was a problem hiding this comment.
As above re being in .config/systemd/user/rpi-connect.service.wants rather than .config/systemd/user/default.target.wants.
layer/rpi/services/rpi-connect.yaml
Outdated
| - uchroot "$1" 'mkdir -p ${HOME}/.config/systemd/user/default.target.wants' | ||
| - uchroot "$1" 'ln -sf /usr/lib/systemd/user/rpi-connect-signin.service ${HOME}/.config/systemd/user/default.target.wants/rpi-connect-signin.service' | ||
| - uchroot "$1" 'ln -sf /usr/lib/systemd/user/rpi-connect.service ${HOME}/.config/systemd/user/default.target.wants/rpi-connect.service' | ||
| - uchroot "$1" 'ln -sf /usr/lib/systemd/user/rpi-connect-wayvnc.service ${HOME}/.config/systemd/user/default.target.wants/rpi-connect-wayvnc.service' |
There was a problem hiding this comment.
As above re being in .config/systemd/user/rpi-connect.service.wants rather than .config/systemd/user/default.target.wants.
|
Updated because:
fyi @clowder |
|
Think about this a bit more, the auth.key mechanism is not a great fit for AB images where the Pi Connect state lives in the system partitions. It works in the A partition, but when we switch to the B partition, either: |
Isn't the straightforward option to ensure we insert into /data, and don't package /data for an OTA? |
|
Connect stores its assets in a location that keys off |
Yes, hence "not a great fit for AB images where the Pi Connect state lives in the system partitions". |
There was a problem hiding this comment.
Really excited to get this integration merged! Tested this locally and worked well for remote shell.
Optional, it might be nice to make it clearer to folks following the quick start guide that they should use rpi-connect-lite; given there's no desktop on the minbase images.
Two new layers added to enable installation of Raspberry Pi Connect (with or without screen-sharing), plus Auth key support. An accompanying companion document provides additional information. Whether or not the client starts at boot is controlled via a config variable which defaults to on (since embedded/industrial deployments will typically want Connect to start automatically at boot).
|
Sorry for the churn on this. I updated it again because:
I don't anticipate any more changes. Functionally, things work exactly as they did before. I'll merge this at the end of the day unless there are any objections. |
5 participants
Two new layers added to enable installation of Raspberry Pi Connect (with or without screen-sharing), plus auth token keyfile support. Whether or not the client starts at boot is controlled via a config variable which defaults to on (since embedded/industrial deployments will typically want Connect to start automatically at boot).