plucky (8) systemd-import-generator.8.gz

Provided by: systemd-container_257-2ubuntu1_amd64 bug

NAME

       systemd-import-generator - Generator for automatically downloading disk images at boot

SYNOPSIS

       /usr/lib/systemd/system-generators/systemd-import-generator

DESCRIPTION

       systemd-import-generator may be used to automatically download disk images (tarballs or
       DDIs) via systemd-importd.service(8) at boot, based on parameters on the kernel command
       line or via system credentials. This is useful for automatically deploying an systemd-
       confext(8), systemd-sysext(8), systemd-nspawn(1)/ systemd-vmspawn(1) or systemd-
       portabled.service(8) image at boot. This provides functionality equivalent to
       importctl(1), but accessible via the kernel command line and system credentials.

       systemd-import-generator implements systemd.generator(7).

KERNEL COMMAND LINE

       systemd-import-generator understands the following kernel-command-line(7) parameters:

       systemd.pull=
           This option takes a colon separate triplet of option string, local target image name
           and remote URL. The local target image name can be specified as an empty string, in
           which case the name is derived from the specified remote URL. The remote URL must
           using the "http://", "https://", "file://" schemes. The option string itself is a
           comma separated list of options:

           rw, ro
               Controls whether to mark the local image as read-only. If not specified read-only
               defaults to off.

               Added in version 257.

           verify=
               Controls whether to cryptographically validate the download before installing it
               in place. Takes one of "no", "checksum" or "signature" (the latter being the
               default if not specified). For details see the --verify= of importctl(1)

               Added in version 257.

           sysext, confext, machine, portable
               Controls the image class to download, and thus ultimately the target directory for
               the image, depending on this choice the target directory /var/lib/extensions/,
               /var/lib/confexts/, /var/lib/machines/ or /var/lib/portables/ is selected.

               Specification of exactly one of these options is mandatory.

               Added in version 257.

           tar, raw
               Controls the type of resource to download, i.e. a (possibly compressed) tarball
               that needs to be unpacked into a file system tree, or (possibly compressed) raw
               disk image (DDI).

               Specification of exactly one of these options is mandatory.

               Added in version 257.

           Added in version 257.

       systemd.pull.success_action=, systemd.pull.failure_action=
           Controls whether to execute an action such as reboot, power-off and similar after
           completing the download successfully, or unsuccessfully. See
           SuccessAction=/FailureAction= on systemd.unit(5) for details about the available
           actions. If not specified no action is taken, and the system will continue to boot
           normally.

           Added in version 257.

CREDENTIALS

       systemd-import-generator supports the system credentials logic. The following credentials
       are used when passed in:

       import.pull
           This credential should be a text file, with each line referencing one download
           operation. Each line should follow the same format as the value of the systemd.pull=
           kernel command line option described above.

           Added in version 257.

EXAMPLES

       Example 1. Download Configuration Extension

           systemd.pull=raw,confext::https://example.com/myconfext.raw.gz

       With a kernel command line option like the above a configuration extension DDI is
       downloaded automatically at boot from the specified URL, validated cryptographically,
       uncompressed and installed.

       Example 2. Download System Extension (Without Validation)

           systemd.pull=tar,sysext,verify=no::https://example.com/mysysext.tar.gz

       With a kernel command line option like the above a system extension tarball is downloaded
       automatically at boot from the specified URL, uncompressed and installed – without any
       cryptographic validation. This is useful for development purposes in virtual machines and
       containers. Warning: do not deploy a system with validation disabled like this!

SEE ALSO

       systemd(1), systemd-importd.service(8), kernel-command-line(7), systemd.system-
       credentials(7), importctl(1)