You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
Aaron Dewes 08c6f8591d
Run Umbrel OS security updates during OTA update (#293)
4 years ago
..
.updateignore Only ignore top level dotfiles (#344) 4 years ago
.updateinclude Integrate electrs (#242) 4 years ago
00-run.sh Integrate electrs (#242) 4 years ago
01-run.sh Run Umbrel OS security updates during OTA update (#293) 4 years ago
02-run.sh Integrate electrs (#242) 4 years ago
03-run.sh Integrate electrs (#242) 4 years ago
README.md Remove install script (#70) 5 years ago
check-memory Add 200MB offset to RAM check (#257) 4 years ago
update Prevent unresolved update status on a failed OTA update (#263) 4 years ago

README.md

Over-The-Air (OTA) Updates

How over-the-air updates work on Umbrel.

Execution Flow

  1. New developments across the any/entire fleet of Umbrel's services (bitcoind, lnd, dashboard, middleware, etc) are made, which maintain their own independent version-control and release-schedule. Subsequently, their new docker images are built, tagged and pushed to Docker Hub.

  2. The newly built and tagged images are updated in the main repository's (i.e. this repo) docker-compose.yml file.

  3. Any new developments to the main repository (i.e. this repo) are made, eg. adding a new directory or a new config file.

  4. To prepare a new release of Umbrel, called vX.Y.Z, a PR is opened that updates the version in README.md and info.json file to:

{
    "version": "X.Y.Z",
    "name": "Umbrel vX.Y.Z",
    "notes": "This release contains a number of bug fixes and new features.",
    "requires": ">=A.B.C"
}
  1. Once the PR is merged, the master branch is immediately tagged vX.Y.Z and released on GitHub.

  2. Thus the new info.json will automatically be available at https://raw.githubusercontent.com/getumbrel/umbrel/master/info.json. This is what triggers the OTA update.

  3. When the user opens his umbrel-dashboard, it periodically polls umbrel-manager to check for new updates.

  4. umbrel-manager fetches the latest info.json from umbrel's main repo's master branch using GET https://raw.githubusercontent.com/getumbrel/umbrel/master/info.json, compares it's version with the version of the local $UMBREL_ROOT/info.json file, and exits if both the versions are same.

  5. If fetched version > local version, umbrel-manager checks if local version satisfies the requires condition in the fetched info.json.

  6. If not, umbrel-manager computes the minimum satisfactory version, called L.M.N, required for update. Eg, for "requires": ">=1.2.2" the minimum satisfactory version would be 1.2.2. umbrel-manager then makes a GET request to https://raw.githubusercontent.com/getumbrel/umbrel/vL.M.N/info.json and repeats step 8 and 9 until local version < fetched version AND local version fulfills the fetched requires condition.

  7. umbrel-manager then returns the satisfying info.json to umbrel-dashboard.

  8. umbrel-dashboard then alerts the user regarding the available update, and after the user consents, it makes a POST request to umbrel-manager to start the update process.

  9. umbrel-manager adds the updateTo key to $UMBREL_ROOT/statuses/update-status.json (a file used to continuosly update the user with the update status and progress) with the update release tag.

{
    ...
    "updateTo": "vX.Y.Z"
    ...
}
  1. umbrel-manager then creates an update signal file on the mounted host OS volume ($UMBREL_ROOT/events/signals/update) and returns OK to the umbrel-dashboard.

  2. karen is triggered (obviously) as soon as $UMBREL_ROOT/events/signals/update is touched/updated, and immediately runs the update trigger script $UMBREL_ROOT/events/triggers/update as root.

  3. $UMBREL_ROOT/events/triggers/update clones release vX.Y.Z from github in $UMBREL_ROOT/.umbrel-vX.Y.Z.

  4. $UMBREL_ROOT/events/triggers/update then executes all of the following update scripts from the new release $UMBREL_ROOT/.umbrel-vX.Y.Z one-by-one:

All of the above scripts continuously update $UMBREL_ROOT/statuses/update-status.json with the progress of update, which the dashboard periodically fetches every 2s via umbrel-manager to keep the user updated.

Further improvements

  • OTA updates should not trust GitHub, they should verify signed checksums before installing
  • Catch any error during the update and restore from the backup
  • Restore from backup on power-failure