table of contents
SYSTEMD-IMPORT-GENERATOR(8) | systemd-import-generator | SYSTEMD-IMPORT-GENERATOR(8) |
NAME¶
systemd-import-generator - Generator for automatically downloading disk images at boot
SYNOPSIS¶
/usr/lib/systemd/system-generators/systemd-import-generator
DESCRIPTION¶
systemd-import-generator may be used to automatically download disk images (tarballs or DDIs) via systemd-importd.service(8) at boot, based on parameters on the kernel command line or via system credentials. This is useful for automatically deploying an systemd-confext(8), systemd-sysext(8), systemd-nspawn(1)/ systemd-vmspawn(1) or systemd-portabled.service(8) image at boot. This provides functionality equivalent to importctl(1), but accessible via the kernel command line and system credentials.
systemd-import-generator implements systemd.generator(7).
KERNEL COMMAND LINE¶
systemd-import-generator understands the following kernel-command-line(7) parameters:
systemd.pull=
rw, ro
Added in version 257.
verify=
Added in version 257.
sysext, confext, machine, portable
Specification of exactly one of these options is mandatory.
Added in version 257.
tar, raw
Specification of exactly one of these options is mandatory.
Added in version 257.
Added in version 257.
systemd.pull.success_action=, systemd.pull.failure_action=
Added in version 257.
CREDENTIALS¶
systemd-import-generator supports the system credentials logic. The following credentials are used when passed in:
import.pull
Added in version 257.
EXAMPLES¶
Example 1. Download Configuration Extension
systemd.pull=raw,confext::https://example.com/myconfext.raw.gz
With a kernel command line option like the above a configuration extension DDI is downloaded automatically at boot from the specified URL, validated cryptographically, uncompressed and installed.
Example 2. Download System Extension (Without Validation)
systemd.pull=tar,sysext,verify=no::https://example.com/mysysext.tar.gz
With a kernel command line option like the above a system extension tarball is downloaded automatically at boot from the specified URL, uncompressed and installed – without any cryptographic validation. This is useful for development purposes in virtual machines and containers. Warning: do not deploy a system with validation disabled like this!
SEE ALSO¶
systemd(1), systemd-importd.service(8), kernel-command-line(7), systemd.system-credentials(7), importctl(1)
systemd 257.1 |