The individual scripts should return an error and clean up
their state in case they aborted (which isn't too easy but
in most cases moving the relevant files to the final location
is a good way of dealing with this problem).
Make sure we are ready for reboot with kernel replaced but
not yet booted. This way we can run the migration in the
last possible correct spot. We might even abort on errors
here which might be handy to catch issues... to be discussed.
When we move to the next major the file contents for
the txz are all the same but their signature is not.
So until the next changelog sync was carried out the
CHECKSUM matched and the signature will stay stale.
opnsense-update -K will handle subscription key return if found.
Fetch the license metadata if it exists, move it to core version
meta file and handle the contents dymanically if it exists.
The only issue for later is that changing the mirror away from
business we have a lingering license file until the next check
for updates is done.
Extends check.sh to fetch license json file when a uuid is found and flush this to /usr/local/opnsense/license.json.
The firmware page adds a license validity row, which is hidden by default and only shown when product.php returns 'product_license_valid_to'.
For the dashboard widget we'll add the "licensed until" string to the core product string when available.
This brings it in line with migrations although both hinge on
the idea that rc.configure_firmware is called to execute this
code. Both need a better integration but bringing them to the
same level seems to make the most sense.
After reboot the config is in a consistent state now too...
Remove previous plugins_interfaces() call and always use full
path to pluginctl like most spots already do.
Displaying changelogs requires a different menu flow but for now focus
on providing a changelog opportunistically before performing the update,
but intentionally after starting it to keep previous flow for now.
We can now safely check packages kernel and base set version from
opnsense-update. The basic idea is still that a packages set marker
is included now so we can refrain from updating packages once we
are crossing over a major version barrier using said packages set.
Change the ping to size 1500 to emulate a typical download
scenario. Sometimes small pings will respond but not the
larger fetch.
Secondly, do a separate IPv4 and IPv6 update of the repository
depending on whether we got a corresponding address from the
host. It should clear up the question if IPv4 or IPv6 or both
is broken/defunct/disabled.
