From 75b2903ac23c463122efce331cefaa7ef44f5742 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrien=20Gallou=C3=ABt?=
Date: Sun, 26 Nov 2017 08:23:25 +0000
Subject: [PATCH] Add unit systemd files
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Adrien Gallouët
---
 meson.build | 41 +++++++++++++++++++++++++++------
 systemd/glorytun-client.network | 10 ++++++++
 systemd/glorytun-run | 29 +++++++++++++++++++++++
 systemd/glorytun-setup | 36 +++++++++++++++++++++++++++++
 systemd/glorytun.network | 14 +++++++++++
 systemd/glorytun@.service.in | 12 ++++++++++
 6 files changed, 135 insertions(+), 7 deletions(-)
 create mode 100644 systemd/glorytun-client.network
 create mode 100755 systemd/glorytun-run
 create mode 100755 systemd/glorytun-setup
 create mode 100644 systemd/glorytun.network
 create mode 100644 systemd/glorytun@.service.in

diff --git a/meson.build b/meson.build
index 5090ca4..6073b66 100644
--- a/meson.build
+++ b/meson.build
@@ -4,19 +4,46 @@ project('glorytun', 'c', default_options : [ 'buildtype=debugoptimized' ] ) +prefix = get_option('prefix') +bindir = join_paths(prefix, get_option('bindir')) + +conf_data = configuration_data() +conf_data.set('prefix', prefix) +conf_data.set('bindir', bindir) + add_global_arguments('-DPACKAGE_VERSION="'+meson.project_version()+'"', language : 'c') src = [ - 'src/common.c', - 'src/iface.c', - 'src/option.c', - 'src/tun.c', - 'mud/mud.c', - 'src/main.c' + 'src/common.c', + 'src/iface.c', + 'src/option.c', + 'src/tun.c', + 'mud/mud.c', + 'src/main.c' ] deps = [ - dependency('libsodium', version : '>=1.0.4') + dependency('libsodium', version : '>=1.0.4') ] executable('glorytun', install: true, sources: src, dependencies: deps) + +systemd = dependency('systemd') + +if systemd.found() + systemdutildir = systemd.get_pkgconfig_variable('systemdutildir') + configure_file( + input: 'systemd/glorytun@.service.in', + output: 'glorytun@.service', + configuration: conf_data, + install_dir: join_paths(systemdutildir, 'system') + ) + install_data('systemd/glorytun.network', + install_dir: join_paths(systemdutildir, 'network')) + install_data('systemd/glorytun-client.network', + install_dir: join_paths(systemdutildir, 'network')) + install_data('systemd/glorytun-run', + install_dir: bindir) + install_data('systemd/glorytun-setup', + install_dir: bindir) +endif
diff --git a/systemd/glorytun-client.network b/systemd/glorytun-client.network
new file mode 100644
index 0000000..e80b7ab
--- /dev/null
+++ b/systemd/glorytun-client.network
@@ -0,0 +1,10 @@
+[Match]
+Name=gtc-*
+
+[Network]
+Description=Glorytun client device
+DHCP=ipv4
+
+[DHCP]
+CriticalConnection=yes
+RouteTable=200
diff --git a/systemd/glorytun-run b/systemd/glorytun-run
new file mode 100755
index 0000000..17746b9
--- /dev/null
+++ b/systemd/glorytun-run
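Review bot: In meson.build, `systemd = dependency('systemd')` is a required dependency by default, so configuration aborts on a host without systemd's pkg-config file and the `if systemd.found()` guard right below it can never be false. Declaring it optional, `systemd = dependency('systemd', required : false)`, makes the guard meaningful and keeps glorytun buildable on non-systemd systems. The same block installs glorytun-run and glorytun-setup into `bindir`; since both are meant to run as root, a one-line comment saying so above the `install_data` calls would help packagers.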
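Review bot: In systemd/glorytun-client.network, `RouteTable=200` has to agree with the literal `table 200` that glorytun-run passes to `ip rule add`, and neither file says so. A comment above the line, e.g. `# Must match the table number in glorytun-run's "ip rule add from all table 200"`, would keep the two from drifting apart. With `DHCP=ipv4` the client also accepts whatever lease the tunnel peer hands out, so it is worth noting in a comment that the peer is trusted to supply addresses and routes.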
@@ -0,0 +1,29 @@
+#!/bin/sh
+
+if [ ! -f "$1" ]; then
+ echo "usage: $(basename "$0") FILE"
+ exit 1
+fi
+
+. "$(readlink -f "$1")"
+
+DEV="gt${HOST:+c}-$(basename "$1")"
+
+# Setting BIND is like going to 'expert mode'
+# This helper is pretty stupid and still needs some work
+if [ -n "$HOST" ] && [ -z "$BIND" ]; then
+ BIND=$(ip route get "$HOST" | awk '/src/{getline;print $0}' RS=' ')
+ ip rule add from "$BIND" table main pref 32000
+ ip rule add from all table 200 pref 32001
+fi
+
+exec glorytun \
+ v4only \
+ keyfile "$1".key \
+ dev "$DEV" \
+ ${HOST:+host "$HOST"} \
+ ${PORT:+port "$PORT"} \
+ ${BIND:+bind "$BIND"} \
+ ${BIND_PORT:+bind-port "$BIND_PORT"} \
+ ${MTU:+mtu "$MTU"} \
+ ${MTU_AUTO:+mtu-auto}
diff --git a/systemd/glorytun-setup b/systemd/glorytun-setup
new file mode 100755
index 0000000..e3afada
--- /dev/null
+++ b/systemd/glorytun-setup
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+set -e
+
+_ask() {
+ printf "%s: " "$1"
+ read -r "$2"
+}
+
+_NAME=tun0
+_ask "Config filename ($_NAME)" NAME
+NAME=${NAME:-$_NAME}
+
+if [ -f /etc/glorytun/"$NAME" ]; then
+ echo "This config already exit!"
+ exit 1
+fi
+
+_ask "Server ip (enter for server conf)" HOST
+
+_ask "Server key (enter to generate a new one)" KEY
+if [ -z "$KEY" ]; then
+ KEY=$(glorytun keygen) || exit
+ echo "Your new key: $KEY"
+fi
+
+mkdir -p /etc/glorytun
+FILE="/etc/glorytun/$NAME"
+
+echo "${HOST:+HOST=$HOST}" > "$FILE"
+
+touch "$FILE.key"
+chmod 600 "$FILE.key"
+echo "$KEY" > "$FILE.key"
+
+echo "Done"
diff --git a/systemd/glorytun.network b/systemd/glorytun.network
new file mode 100644
index 0000000..6ea6d2b
--- /dev/null
+++ b/systemd/glorytun.network
@@ -0,0 +1,14 @@
+[Match]
+Name=gt-*
+
+[Network]
+Description=Glorytun server device
+Address=0.0.0.0/24
+DHCPServer=yes
+IPMasquerade=yes
+
+[DHCPServer]
+PoolOffset=2
+PoolSize=1
+EmitDNS=yes
+DNS=9.9.9.9
diff --git a/systemd/glorytun@.service.in b/systemd/glorytun@.service.in
new file mode 100644
index 0000000..bcbf45b
--- /dev/null
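Review bot: In systemd/glorytun-run, BIND is taken from `ip route get "$HOST"` and used without checking that it came back non-empty, so when there is no route at start-up `ip rule add from ""` fails while the catch-all `from all table 200` rule is still installed and glorytun starts unbound (the script has no `set -e`). A guard right after the assignment, `[ -n "$BIND" ] || { echo "no route to $HOST" >&2; exit 1; }`, avoids that. Both rules are also added on every start and never removed, so with `Restart=always` in the unit they may accumulate (depending on how the kernel treats duplicates) and outlive the tunnel; deleting them before adding, or in an `ExecStopPost=`, would help. Because the config is sourced as shell by a root service, a comment stating that files under /etc/glorytun must be root-owned and not group- or world-writable is warranted.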
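Review bot: In systemd/glorytun-setup, the answers to both prompts are used unvalidated: NAME is spliced into `/etc/glorytun/$NAME`, so a value containing `/` or `..` writes outside that directory, and HOST is written bare as `HOST=$HOST` into a file that glorytun-run later sources as shell under root. Rejecting unexpected characters before use, e.g. `case "$NAME" in *[!A-Za-z0-9_-]*) echo "invalid name" >&2; exit 1;; esac` plus an equivalent check restricting HOST to address characters, closes both. `mkdir -p /etc/glorytun` also creates the directory with the caller's umask; an explicit `chmod 700 /etc/glorytun` would match the care taken with the `.key` file. The key is printed with `echo "Your new key: $KEY"`, which is needed to copy it to the peer but ends up in scrollback and session logs; a comment saying so would be useful.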
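Review bot: In systemd/glorytun.network, `IPMasquerade=yes` applies to every `gt-*` interface and turns the host into a NAT gateway for tunnel peers; in systemd-networkd of this period the option also implies IPv4 forwarding, which is a host-wide change that a packaged default should announce. A comment above the line, e.g. `# Enables NAT and IPv4 forwarding for tunnel clients; remove if this server must not route`, would make that explicit. `DNS=9.9.9.9` likewise hard-codes a third-party resolver for all clients and deserves a note that it is only a default to override under /etc/systemd/network.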
+++ b/systemd/glorytun@.service.in
@@ -0,0 +1,12 @@
+[Unit]
+Description=Glorytun on %I
+After=network.target
+
+[Service]
+Type=simple
+Restart=always
+ExecStart=@bindir@/glorytun-run /etc/glorytun/%i
+CapabilityBoundingSet=CAP_NET_ADMIN
+
+[Install]
+WantedBy=multi-user.target
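Review bot: In systemd/glorytun@.service.in, `CapabilityBoundingSet=CAP_NET_ADMIN` is the only confinement in `[Service]`, so the unit still runs as root with an unrestricted view of the filesystem while glorytun-run sources a shell config. Adding `NoNewPrivileges=yes`, `ProtectHome=yes` and `ProtectSystem=full` looks compatible with what the wrapper does in this patch (it reads /etc/glorytun and calls `ip`), though that should be confirmed on a real host. `After=network.target` does not wait for connectivity, which matters because glorytun-run looks up a route to HOST at start; `After=network-online.target` with a matching `Wants=` is probably what a client instance needs.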