Add automated update service, 'post-merge' hook

This allows for semi-unattended updates for home-server configuration
for managed systems, and is run once every hour by default.

config/common/common.bu

@@ -32,3 +32,7 @@ systemd:
       enabled: true
     - name: container-volume-restore@.service
       enabled: true
+    - name: coreos-home-server-update.service
+      enabled: true
+    - name: coreos-home-server-update.timer
+      enabled: true

config/common/systemd/coreos-home-server-update.service

@@ -0,0 +1,15 @@
+[Unit]
+Description=CoreOS Home Server Update
+Wants=network-online.target
+After=network-online.target
+
+[Service]
+Type=oneshot
+SyslogIdentifier=%N
+PrivateTmp=true
+Environment=GIT_REMOTE_URL=https://github.com/deuill/coreos-home-server.git
+ExecStartPre=/usr/bin/git clone --verbose --depth=1 -- $GIT_REMOTE_URL %T/coreos-home-server
+ExecStart=/bin/sh %T/coreos-home-server/hooks/post-merge
+
+[Install]
+WantedBy=multi-user.target

config/common/systemd/coreos-home-server-update.timer

@@ -0,0 +1,9 @@
+[Unit]
+Description=Scheduled Update for CoreOS Home Server
+
+[Timer]
+OnCalendar=hourly
+RandomizedDelaySec=5m
+
+[Install]
+WantedBy=timers.target

hooks/post-merge

@@ -0,0 +1,45 @@
+#!/usr/bin/env bash
+#
+# Hook for updating local configuration on each pull. This will automatically put files in their
+# right places, but will not enable or start any services automatically; this is left to the user.
+#
+# Move this to '.git/hooks/post-merge' to have to run automatically after every 'git pull' operation.
+# The script assumes write access to host directories, and a CoreOS host. Don't run on other systems!
+
+set -euo pipefail
+
+# Base configuration variables.
+ROOTDIR="$(dirname "$(git rev-parse --git-dir)")"
+COREOS_CONFIG_DIR="/etc/coreos-home-server"
+SYSTEMD_CONFIG_DIR="/etc/systemd/system"
+
+function sync-coreos() {
+      local from="${ROOTDIR}/config" to="${COREOS_CONFIG_DIR}"
+      rsync --recursive --update --links --times --perms --delete-after --delete-excluded \
+            --exclude=.git --exclude=*.fcc --exclude=*.ign --filter='protect *.env' "${from}"/*/ "${to}/"
+}
+
+function sync-systemd() {
+      local from="${ROOTDIR}/config" to="${SYSTEMD_CONFIG_DIR}"
+      rsync --info=name --recursive --update "${from}"/*/systemd/ "${from}"/*/*/systemd/ "${to}/"
+}
+
+function main() {
+      local buffer
+
+      # Synchronize local configuration into host directory.
+      echo "Synchronizing host configuration in '${COREOS_CONFIG_DIR}'..."
+      sync-coreos
+
+      echo "Synchronizing systemd configuration in '${SYSTEMD_CONFIG_DIR}'..."
+      buffer=$(sync-systemd)
+
+      if test -n "${buffer}"; then
+            echo "Systemd services updated, reloading daemon..."
+            echo "${buffer}"
+            sudo systemctl daemon-reload
+      fi
+}
+
+# Execute program body.
+main "$@"

host/lhr01nuc/spec.bu

@@ -3,8 +3,8 @@ version: 1.3.0
 ignition:
   config:
     merge:
+      - local: common/common.ign
       - local: common/logging.ign
-      - local: common/container.ign
       - local: service/redis/spec.ign
       - local: service/mariadb/spec.ign
       - local: service/nginx/spec.ign

host/lhr01srv/spec.bu

@@ -3,8 +3,8 @@ version: 1.3.0
 ignition:
   config:
     merge:
+      - local: common/common.ign
       - local: common/logging.ign
-      - local: common/container.ign
       - local: service/redis/spec.ign
       - local: service/mariadb/spec.ign
       - local: service/nginx/spec.ign

host/virtual/spec.bu

@@ -3,8 +3,8 @@ version: 1.3.0
 ignition:
   config:
     merge:
+      - local: common/common.ign
       - local: common/logging.ign
-      - local: common/container.ign
       - local: service/redis/spec.ign
       - local: service/mariadb/spec.ign
       - local: service/nginx/spec.ign