firmware: make firmware scripts pluggable

For testing convenience you can run the scripts separately and
add standard output and only standard error will be reported
once included in system_firmware_configure() or

    # pluginctl firmware_reload

plist

@@ -1009,6 +1009,8 @@
 /usr/local/opnsense/scripts/firmware/register.php
 /usr/local/opnsense/scripts/firmware/reinstall.sh
 /usr/local/opnsense/scripts/firmware/remove.sh
+/usr/local/opnsense/scripts/firmware/repos/OPNsense.php
+/usr/local/opnsense/scripts/firmware/repos/README
 /usr/local/opnsense/scripts/firmware/resync.sh
 /usr/local/opnsense/scripts/firmware/running.sh
 /usr/local/opnsense/scripts/firmware/security.sh

src/etc/inc/system.inc

@@ -828,37 +828,21 @@ function get_memory()
 
 function system_firmware_configure($verbose = false)
 {
-    global $config;
+    service_log('Writing firmware settings:', $verbose);
 
-    service_log('Writing firmware setting...', $verbose);
+    $scripts = glob('/usr/local/opnsense/scripts/firmware/repos/*');
+    natsort($scripts);
 
-    /* calculate the effective ABI */
-    $args = [ exec_safe('-A %s', shell_safe('opnsense-version -x')) ];
-    $url_sub = '';
-
-    if (!empty($config['system']['firmware']['subscription'])) {
-        /*
-         * Append the url now that it is not in the mirror anymore.
-         * This only ever works if the mirror is set to a non-default.
-         */
-        $url_sub = '/' . $config['system']['firmware']['subscription'];
-    } else {
-        /* clear the license file when no subscription key is set */
-        @unlink('/usr/local/opnsense/version/core.license');
+    foreach ($scripts as $script) {
+        if (is_executable($script)) {
+            /* run the script in passthru() but avoid standard output from this side */
+            passthru($script . '> /dev/null');
+            /* make a note about repo being handled */
+            service_log(' ' . preg_replace('/\..*?$/', ' ', basename($script)));
+        }
     }
 
-    if (!empty($config['system']['firmware']['mirror'])) {
-        $args[] = exec_safe('-m %s', str_replace('/', '\/', $config['system']['firmware']['mirror'] . $url_sub));
-    }
-
-    if (!empty($config['system']['firmware']['flavour'])) {
-        $args[] = exec_safe('-n %s', str_replace('/', '\/', $config['system']['firmware']['flavour']));
-    }
-
-    /* rewrite the config via the defaults and possible arguments */
-    mwexec('/usr/local/sbin/opnsense-update -sd ' . join(' ', $args));
-
-    service_log("done.\n", $verbose);
+    service_log("\n");
 }
 
 function system_trust_configure($verbose = false)

src/opnsense/scripts/firmware/repos/OPNsense.php

@@ -0,0 +1,61 @@
+#!/usr/local/bin/php
+<?php
+
+/*
+ * Copyright (C) 2023 Franco Fichtner <franco@opnsense.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+require_once('util.inc');
+require_once('script/load_phalcon.php');
+
+use OPNsense\Core\Config;
+
+$config = Config::getInstance()->object();
+
+/* calculate the effective ABI */
+$args = [ exec_safe('-A %s', shell_safe('opnsense-version -x')) ];
+$url_sub = '';
+
+if (!empty($config->system->firmware->subscription)) {
+    /*
+     * Append the url now that it is not in the mirror anymore.
+     * This only ever works if the mirror is set to a non-default.
+     */
+    $url_sub = '/' . $config->system->firmware->subscription;
+} else {
+    /* clear the license file when no subscription key is set */
+    @unlink('/usr/local/opnsense/version/core.license');
+}
+
+if (!empty($config->system->firmware->mirror)) {
+    $args[] = exec_safe('-m %s', str_replace('/', '\/', $config->system->firmware->mirror . $url_sub));
+}
+
+if (!empty($config->system->firmware->flavour)) {
+    $args[] = exec_safe('-n %s', str_replace('/', '\/', (string)$config->system->firmware->flavour));
+}
+
+/* rewrite the config via the defaults and possible arguments */
+shell_safe('/usr/local/sbin/opnsense-update -sd ' . join(' ', $args));

src/opnsense/scripts/firmware/repos/README

@@ -0,0 +1,7 @@
+Repository-based scripts live here to be provided by plugins.
+The firmware configuration will run any script with executable
+bit set regardless of the script language.  The scripts are not
+restricted in scope at the moment because we do not know all
+the requirements of other vendors.
+
+Single script per repository matching in name is recommended.