From 427ab12724eb68d6708df03fa7192c536a83e80c Mon Sep 17 00:00:00 2001
From: Aiden McClelland <3732071+dr-bonez@users.noreply.github.com>
Date: Mon, 13 Mar 2023 15:45:36 -0600
Subject: [PATCH] wait for time sync before starting tor (#2209)

* wait for time sync before starting tor

* don't initialize /var/lib/docker
---
 backend/embassy-init.service |  2 +-
 backend/src/init.rs          | 33 +++++++++++++++++++++++----------
 build/lib/scripts/postinst   |  2 ++
 3 files changed, 26 insertions(+), 11 deletions(-)

diff --git a/backend/embassy-init.service b/backend/embassy-init.service
index b1420ad71..416791d58 100644
--- a/backend/embassy-init.service
+++ b/backend/embassy-init.service
@@ -2,7 +2,7 @@
 Description=Embassy Init
 After=network-online.target
 Requires=network-online.target
-Wants=avahi-daemon.service tor.service
+Wants=avahi-daemon.service
 
 [Service]
 Type=oneshot
diff --git a/backend/src/init.rs b/backend/src/init.rs
index 888baf301..e1b415a6c 100644
--- a/backend/src/init.rs
+++ b/backend/src/init.rs
@@ -319,16 +319,8 @@ pub async fn init(cfg: &RpcContextConfig) -> Result<InitResult, Error> {
     }
     let tmp_docker = cfg.datadir().join("package-data/tmp/docker");
     let tmp_docker_exists = tokio::fs::metadata(&tmp_docker).await.is_ok();
-    if should_rebuild || !tmp_docker_exists {
-        if tmp_docker_exists {
-            tokio::fs::remove_dir_all(&tmp_docker).await?;
-        }
-        Command::new("cp")
-            .arg("-ra")
-            .arg("/var/lib/docker")
-            .arg(&tmp_docker)
-            .invoke(crate::ErrorKind::Filesystem)
-            .await?;
+    if should_rebuild && tmp_docker_exists {
+        tokio::fs::remove_dir_all(&tmp_docker).await?;
     }
     Command::new("systemctl")
         .arg("stop")
@@ -392,6 +384,26 @@ pub async fn init(cfg: &RpcContextConfig) -> Result<InitResult, Error> {
         .await?;
     tracing::info!("Enabled Docker QEMU Emulation");
 
+    let mut warn_time_not_synced = true;
+    for _ in 0..60 {
+        if check_time_is_synchronized().await? {
+            warn_time_not_synced = false;
+            break;
+        }
+        tokio::time::sleep(Duration::from_secs(1)).await;
+    }
+    if warn_time_not_synced {
+        tracing::warn!("Timed out waiting for system time to synchronize");
+    } else {
+        tracing::info!("Syncronized system clock");
+    }
+
+    Command::new("systemctl")
+        .arg("start")
+        .arg("tor")
+        .invoke(crate::ErrorKind::Tor)
+        .await?;
+
     receipts
         .ip_info
         .set(&mut handle, crate::net::dhcp::init_ips().await?)
@@ -407,6 +419,7 @@ pub async fn init(cfg: &RpcContextConfig) -> Result<InitResult, Error> {
             },
         )
         .await?;
+
     receipts
         .system_start_time
         .set(&mut handle, time().await?)
diff --git a/build/lib/scripts/postinst b/build/lib/scripts/postinst
index e83ef7642..dcd714d4c 100755
--- a/build/lib/scripts/postinst
+++ b/build/lib/scripts/postinst
@@ -46,7 +46,9 @@ $SYSTEMCTL enable systemd-resolved.service
 $SYSTEMCTL enable systemd-networkd-wait-online.service
 $SYSTEMCTL disable wpa_supplicant.service
 
+$SYSTEMCTL disable docker.service
 $SYSTEMCTL disable postgresql.service
+$SYSTEMCTL disable tor.service
 $SYSTEMCTL disable bluetooth.service
 $SYSTEMCTL disable hciuart.service
 $SYSTEMCTL disable triggerhappy.service