Merge branch 'next/minor' of github.com:Start9Labs/start-os into integration/new-container-runtime

2026-03-26 10:21:52 +00:00 · 2023-11-20 14:13:57 -07:00
parent 11a2e96d06 4c8a92bb0c
commit 65009e2f69
8 changed files with 37 additions and 38 deletions
--- a/core/startos/src/context/rpc.rs
+++ b/core/startos/src/context/rpc.rs
@@ -4,6 +4,7 @@ use std::ops::Deref;
 use std::path::{Path, PathBuf};
 use std::sync::atomic::{AtomicBool, Ordering};
 use std::sync::Arc;
+use std::time::Duration;

 use helpers::to_tmp_path;
 use josekit::jwk::Jwk;
@@ -25,7 +26,7 @@ use crate::db::model::{CurrentDependents, Database, PackageDataEntryMatchModelRe
 use crate::db::prelude::PatchDbExt;
 use crate::dependencies::compute_dependency_config_errs;
 use crate::disk::OsPartitionInfo;
-use crate::init::init_postgres;
+use crate::init::{check_time_is_synchronized, init_postgres};
 use crate::install::cleanup::{cleanup_failed, uninstall};
 use crate::manager::ManagerMap;
 use crate::middleware::auth::HashSessionToken;
@@ -174,6 +175,19 @@ impl RpcContext {
        let tor_proxy_url = format!("socks5h://{tor_proxy}");
        let devices = lshw().await?;
        let ram = get_mem_info().await?.total.0 as u64 * 1024 * 1024;
+
+        if !db.peek().await.as_server_info().as_ntp_synced().de()? {
+            let db = db.clone();
+            tokio::spawn(async move {
+                while !check_time_is_synchronized().await.unwrap() {
+                    tokio::time::sleep(Duration::from_secs(30)).await;
+                }
+                db.mutate(|v| v.as_server_info_mut().as_ntp_synced_mut().ser(&true))
+                    .await
+                    .unwrap()
+            });
+        }
+
        let seed = Arc::new(RpcContextSeed {
            is_closed: AtomicBool::new(false),
            datadir: base.datadir().to_path_buf(),
--- a/core/startos/src/db/model.rs
+++ b/core/startos/src/db/model.rs
@@ -22,7 +22,7 @@ use crate::net::utils::{get_iface_ipv4_addr, get_iface_ipv6_addr};
 use crate::prelude::*;
 use crate::s9pk::manifest::{Manifest, PackageId};
 use crate::status::Status;
-use crate::util::cpupower::{get_preferred_governor, Governor};
+use crate::util::cpupower::{Governor};
 use crate::util::Version;
 use crate::version::{Current, VersionT};
 use crate::{ARCH, PLATFORM};
--- a/core/startos/src/init.rs
+++ b/core/startos/src/init.rs
@@ -4,7 +4,7 @@ use std::path::Path;
 use std::time::{Duration, SystemTime};

 use color_eyre::eyre::eyre;
-use helpers::NonDetachingJoinHandle;
+
 use models::ResultExt;
 use rand::random;
 use sqlx::{Pool, Postgres};
@@ -18,9 +18,9 @@ use crate::disk::mount::util::unmount;
 use crate::install::PKG_ARCHIVE_DIR;
 use crate::middleware::auth::LOCAL_AUTH_COOKIE_PATH;
 use crate::prelude::*;
-use crate::sound::BEP;
+
 use crate::util::cpupower::{
-    current_governor, get_available_governors, get_preferred_governor, set_governor,
+    get_available_governors, get_preferred_governor, set_governor,
 };
 use crate::util::docker::{create_bridge_network, CONTAINER_DATADIR, CONTAINER_TOOL};
 use crate::util::Invoke;
@@ -342,6 +342,7 @@ pub async fn init(cfg: &RpcContextConfig) -> Result<InitResult, Error> {
            .arg("run")
            .arg("-d")
            .arg("--rm")
+            .arg("--init")
            .arg("--network=start9")
            .arg("--name=netdummy")
            .arg("start9/x_system/utils:latest")
@@ -379,11 +380,11 @@ pub async fn init(cfg: &RpcContextConfig) -> Result<InitResult, Error> {
        tracing::info!("Set CPU Governor");
    }

-    let mut time_not_synced = true;
+    server_info.ntp_synced = false;
    let mut not_made_progress = 0u32;
    for _ in 0..1800 {
        if check_time_is_synchronized().await? {
-            time_not_synced = false;
+            server_info.ntp_synced = true;
            break;
        }
        let t = SystemTime::now();
@@ -400,7 +401,7 @@ pub async fn init(cfg: &RpcContextConfig) -> Result<InitResult, Error> {
            break;
        }
    }
-    if time_not_synced {
+    if !server_info.ntp_synced {
        tracing::warn!("Timed out waiting for system time to synchronize");
    } else {
        tracing::info!("Syncronized system clock");
@@ -418,21 +419,6 @@ pub async fn init(cfg: &RpcContextConfig) -> Result<InitResult, Error> {
        restarting: false,
    };

-    server_info.ntp_synced = if time_not_synced {
-        let db = db.clone();
-        tokio::spawn(async move {
-            while !check_time_is_synchronized().await.unwrap() {
-                tokio::time::sleep(Duration::from_secs(30)).await;
-            }
-            db.mutate(|v| v.as_server_info_mut().as_ntp_synced_mut().ser(&true))
-                .await
-                .unwrap()
-        });
-        false
-    } else {
-        true
-    };
-
    db.mutate(|v| {
        v.as_server_info_mut().ser(&server_info)?;
        Ok(())
--- a/core/startos/src/net/keys.rs
+++ b/core/startos/src/net/keys.rs
@@ -280,7 +280,7 @@ pub fn test_keygen() {
    key.openssl_key_nistp256();
 }

-fn display_requires_reboot(arg: RequiresReboot, matches: &ArgMatches) {
+fn display_requires_reboot(arg: RequiresReboot, _matches: &ArgMatches) {
    if arg.0 {
        println!("Server must be restarted for changes to take effect");
    }
--- a/core/startos/src/net/static_server.rs
+++ b/core/startos/src/net/static_server.rs
@@ -23,6 +23,7 @@ use tokio_util::io::ReaderStream;
 use crate::context::{DiagnosticContext, InstallContext, RpcContext, SetupContext};
 use crate::core::rpc_continuations::RequestGuid;
 use crate::db::subscribe;
+use crate::hostname::Hostname;
 use crate::install::PKG_PUBLIC_DIR;
 use crate::middleware::auth::{auth as auth_middleware, HasValidSession};
 use crate::middleware::cors::cors;
@@ -339,7 +340,8 @@ async fn main_embassy_ui(req: Request<Body>, ctx: RpcContext) -> Result<Response
            .await
        }
        (&Method::GET, Some(("eos", "local.crt"))) => {
-            cert_send(&ctx.account.read().await.root_ca_cert)
+            let account = ctx.account.read().await;
+            cert_send(&account.root_ca_cert, &account.hostname)
        }
        (&Method::GET, _) => {
            let uri_path = UiMode::Main.path(
@@ -405,7 +407,7 @@ fn bad_request() -> Response<Body> {
        .unwrap()
 }

-fn cert_send(cert: &X509) -> Result<Response<Body>, Error> {
+fn cert_send(cert: &X509, hostname: &Hostname) -> Result<Response<Body>, Error> {
    let pem = cert.to_pem()?;
    Response::builder()
        .status(StatusCode::OK)
@@ -417,8 +419,12 @@ fn cert_send(cert: &X509) -> Result<Response<Body>, Error> {
            )
            .to_lowercase(),
        )
-        .header(http::header::CONTENT_TYPE, "application/x-pem-file")
+        .header(http::header::CONTENT_TYPE, "application/x-x509-ca-cert")
        .header(http::header::CONTENT_LENGTH, pem.len())
+        .header(
+            http::header::CONTENT_DISPOSITION,
+            format!("attachment; filename={}.crt", &hostname.0),
+        )
        .body(Body::from(pem))
        .with_kind(ErrorKind::Network)
 }