Selecting only specific files to keep when sysupgrade

totkeks · November 25, 2024, 11:00am

I have my custom image for the BPI-R4 setup using imagebuilder and a set of uci-defaults and other files.

Those configure the system exactly how I want it after the image has been flashed and booted.

Unfortunately, there are a couple of files I'd rather keep between updates to make my life easier.

Those are in particular the ssh hostkeys and allowed keys, as well as the wireguard keys and clients.

All the other configuration is replaced by the uci defaults, and I'd rather not "mix and match" keeping existing and possibly manually changed config files and the uci defaults from my config repo.

Now I noticed that sysupgrade doesn't just look at /etc/sysupgrade.conf but also a whole list of other config files based on different sources.

Is there a way to tell sysupgrade to explicitly only keep the files I tell it to? If not, would it make sense to create a patch / PR for that, or is that a feature that wouldn't make sense for most users?

My alternative idea currently is to backup the relevant files to my data partition on the eMMC, as it isn't touched by the sysupgrade. And hook that script somehow before a sysupgrade commences and read the results in my uci defaults.

brada4 · November 25, 2024, 11:36am

Patch what? All backed up lists are in /lib/upgrade/keep.d/

totkeks · November 25, 2024, 12:02pm

Patch sysupgrade to support the behavior I described.

Unfortunately that is not the only source for sysupgrade. I looked at the code and it builds another list from the installed packages.

brada4 · November 25, 2024, 12:32pm

Nope, it is keep.d files installed by packages and sysupgrade.conf.

github.com

openwrt/openwrt/blob/72dec105fb99a949d7ecf2a3d0ac29880007d602/package/base-files/files/sbin/sysupgrade#L174


      
          }
          
          build_list_of_backup_config_files() {
          	local file="$1"
          
          	( list_static_conffiles "$find_filter"; list_changed_conffiles ) |
          		sort -u > "$file"
          	return 0
          }
          
          build_list_of_backup_overlay_files() {
          	local file="$1"
          
          	local packagesfiles=$1.packagesfiles
          	touch "$packagesfiles"
          
          	if [ "$SAVE_OVERLAY_PATH" = / ]; then
          		local conffiles=$1.conffiles
          		local keepfiles=$1.keepfiles
          
          		list_conffiles | cut -f2 -d ' ' | sort -u > "$conffiles"

truncate a keep.d file you dont like and add its filename to sysupgrade.conf

totkeks · November 25, 2024, 12:49pm

You missed the list_changed_conffiles part. Because even after deleting everything in lib/keep.d/ you get a list of files from sysupgrade -l.

Hence my initial question if there is a flag to force sysupgrade to only consider /etc/sysupgrade.conf.

brada4 · November 25, 2024, 12:53pm

There is no flag.

totkeks · November 25, 2024, 1:01pm

Would it make sense to create a pull request to change that or is that a feature no one besides me would use and I should just patch it myself locally or use a workaround?

brada4 · November 25, 2024, 3:00pm

Power to you if you try. Would be nice to have some debug options to customize backup over sysupgrade (or config restore from luci).

totkeks · November 25, 2024, 3:14pm

I read about someone who tried this, but couldn't find it again. Not sure if it was here in the forums, or a GitHub PR or the mailing list.

Even had some Luci changes with a list picker for the files to restore from backup.

Luci integration would of course be great. If I could select the files to backup with sysupgrade upfront. Would have to look into all that code and how much effort it is. Never touched any of this code base.

brada4 · November 25, 2024, 3:21pm

There are instructions once you try to set up PR.

Betonmischer · November 25, 2024, 3:45pm

This is beside the point, but I've moved away from in-place upgrades entirely. Since the BPI-R4 can boot from an SD card, I build new firmware from source and put whatever extra files I need into the /files folder in buildroot. Then it's a matter of swapping SD cards with minimal resulting downtime, and every time there's a hot backup should something go wrong with the new build.