375 lines
10 KiB
Go
375 lines
10 KiB
Go
// +build linux
|
|
|
|
package main
|
|
|
|
import (
|
|
"fmt"
|
|
"os"
|
|
"path/filepath"
|
|
|
|
"github.com/rs/zerolog"
|
|
"github.com/urfave/cli/v2"
|
|
|
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/tunnel"
|
|
"github.com/cloudflare/cloudflared/config"
|
|
"github.com/cloudflare/cloudflared/logger"
|
|
)
|
|
|
|
func runApp(app *cli.App, graceShutdownC chan struct{}) {
|
|
app.Commands = append(app.Commands, &cli.Command{
|
|
Name: "service",
|
|
Usage: "Manages the Argo Tunnel system service",
|
|
Subcommands: []*cli.Command{
|
|
{
|
|
Name: "install",
|
|
Usage: "Install Argo Tunnel as a system service",
|
|
Action: cliutil.ConfiguredAction(installLinuxService),
|
|
Flags: []cli.Flag{
|
|
&cli.BoolFlag{
|
|
Name: "legacy",
|
|
Usage: "Generate service file for non-named tunnels",
|
|
},
|
|
},
|
|
},
|
|
{
|
|
Name: "uninstall",
|
|
Usage: "Uninstall the Argo Tunnel service",
|
|
Action: cliutil.ConfiguredAction(uninstallLinuxService),
|
|
},
|
|
},
|
|
})
|
|
app.Run(os.Args)
|
|
}
|
|
|
|
// The directory and files that are used by the service.
|
|
// These are hard-coded in the templates below.
|
|
const (
|
|
serviceConfigDir = "/etc/cloudflared"
|
|
serviceConfigFile = "config.yml"
|
|
serviceCredentialFile = "cert.pem"
|
|
serviceConfigPath = serviceConfigDir + "/" + serviceConfigFile
|
|
)
|
|
|
|
var systemdTemplates = []ServiceTemplate{
|
|
{
|
|
Path: "/etc/systemd/system/cloudflared.service",
|
|
Content: `[Unit]
|
|
Description=Argo Tunnel
|
|
After=network.target
|
|
|
|
[Service]
|
|
TimeoutStartSec=0
|
|
Type=notify
|
|
ExecStart={{ .Path }} --config /etc/cloudflared/config.yml --no-autoupdate{{ range .ExtraArgs }} {{ . }}{{ end }}
|
|
Restart=on-failure
|
|
RestartSec=5s
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
`,
|
|
},
|
|
{
|
|
Path: "/etc/systemd/system/cloudflared-update.service",
|
|
Content: `[Unit]
|
|
Description=Update Argo Tunnel
|
|
After=network.target
|
|
|
|
[Service]
|
|
ExecStart=/bin/bash -c '{{ .Path }} update; code=$?; if [ $code -eq 11 ]; then systemctl restart cloudflared; exit 0; fi; exit $code'
|
|
`,
|
|
},
|
|
{
|
|
Path: "/etc/systemd/system/cloudflared-update.timer",
|
|
Content: `[Unit]
|
|
Description=Update Argo Tunnel
|
|
|
|
[Timer]
|
|
OnCalendar=daily
|
|
|
|
[Install]
|
|
WantedBy=timers.target
|
|
`,
|
|
},
|
|
}
|
|
|
|
var sysvTemplate = ServiceTemplate{
|
|
Path: "/etc/init.d/cloudflared",
|
|
FileMode: 0755,
|
|
Content: `#!/bin/sh
|
|
# For RedHat and cousins:
|
|
# chkconfig: 2345 99 01
|
|
# description: Argo Tunnel agent
|
|
# processname: {{.Path}}
|
|
### BEGIN INIT INFO
|
|
# Provides: {{.Path}}
|
|
# Required-Start:
|
|
# Required-Stop:
|
|
# Default-Start: 2 3 4 5
|
|
# Default-Stop: 0 1 6
|
|
# Short-Description: Argo Tunnel
|
|
# Description: Argo Tunnel agent
|
|
### END INIT INFO
|
|
name=$(basename $(readlink -f $0))
|
|
cmd="{{.Path}} --config /etc/cloudflared/config.yml --pidfile /var/run/$name.pid --autoupdate-freq 24h0m0s{{ range .ExtraArgs }} {{ . }}{{ end }}"
|
|
pid_file="/var/run/$name.pid"
|
|
stdout_log="/var/log/$name.log"
|
|
stderr_log="/var/log/$name.err"
|
|
[ -e /etc/sysconfig/$name ] && . /etc/sysconfig/$name
|
|
get_pid() {
|
|
cat "$pid_file"
|
|
}
|
|
is_running() {
|
|
[ -f "$pid_file" ] && ps $(get_pid) > /dev/null 2>&1
|
|
}
|
|
case "$1" in
|
|
start)
|
|
if is_running; then
|
|
echo "Already started"
|
|
else
|
|
echo "Starting $name"
|
|
$cmd >> "$stdout_log" 2>> "$stderr_log" &
|
|
echo $! > "$pid_file"
|
|
fi
|
|
;;
|
|
stop)
|
|
if is_running; then
|
|
echo -n "Stopping $name.."
|
|
kill $(get_pid)
|
|
for i in {1..10}
|
|
do
|
|
if ! is_running; then
|
|
break
|
|
fi
|
|
echo -n "."
|
|
sleep 1
|
|
done
|
|
echo
|
|
if is_running; then
|
|
echo "Not stopped; may still be shutting down or shutdown may have failed"
|
|
exit 1
|
|
else
|
|
echo "Stopped"
|
|
if [ -f "$pid_file" ]; then
|
|
rm "$pid_file"
|
|
fi
|
|
fi
|
|
else
|
|
echo "Not running"
|
|
fi
|
|
;;
|
|
restart)
|
|
$0 stop
|
|
if is_running; then
|
|
echo "Unable to stop, will not attempt to start"
|
|
exit 1
|
|
fi
|
|
$0 start
|
|
;;
|
|
status)
|
|
if is_running; then
|
|
echo "Running"
|
|
else
|
|
echo "Stopped"
|
|
exit 1
|
|
fi
|
|
;;
|
|
*)
|
|
echo "Usage: $0 {start|stop|restart|status}"
|
|
exit 1
|
|
;;
|
|
esac
|
|
exit 0
|
|
`,
|
|
}
|
|
|
|
func isSystemd() bool {
|
|
if _, err := os.Stat("/run/systemd/system"); err == nil {
|
|
return true
|
|
}
|
|
return false
|
|
}
|
|
|
|
func copyUserConfiguration(userConfigDir, userConfigFile, userCredentialFile string, log *zerolog.Logger) error {
|
|
srcCredentialPath := filepath.Join(userConfigDir, userCredentialFile)
|
|
destCredentialPath := filepath.Join(serviceConfigDir, serviceCredentialFile)
|
|
if srcCredentialPath != destCredentialPath {
|
|
if err := copyCredential(srcCredentialPath, destCredentialPath); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
srcConfigPath := filepath.Join(userConfigDir, userConfigFile)
|
|
destConfigPath := filepath.Join(serviceConfigDir, serviceConfigFile)
|
|
if srcConfigPath != destConfigPath {
|
|
if err := copyConfig(srcConfigPath, destConfigPath); err != nil {
|
|
return err
|
|
}
|
|
log.Info().Msgf("Copied %s to %s", srcConfigPath, destConfigPath)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func installLinuxService(c *cli.Context) error {
|
|
log := logger.CreateLoggerFromContext(c, logger.EnableTerminalLog)
|
|
|
|
etPath, err := os.Executable()
|
|
if err != nil {
|
|
return fmt.Errorf("error determining executable path: %v", err)
|
|
}
|
|
templateArgs := ServiceTemplateArgs{
|
|
Path: etPath,
|
|
}
|
|
|
|
if err := ensureConfigDirExists(serviceConfigDir); err != nil {
|
|
return err
|
|
}
|
|
if c.Bool("legacy") {
|
|
userConfigDir := filepath.Dir(c.String("config"))
|
|
userConfigFile := filepath.Base(c.String("config"))
|
|
userCredentialFile := config.DefaultCredentialFile
|
|
if err = copyUserConfiguration(userConfigDir, userConfigFile, userCredentialFile, log); err != nil {
|
|
log.Err(err).Msgf("Failed to copy user configuration. Before running the service, ensure that %s contains two files, %s and %s",
|
|
serviceConfigDir, serviceCredentialFile, serviceConfigFile)
|
|
return err
|
|
}
|
|
templateArgs.ExtraArgs = []string{
|
|
"--origincert", serviceConfigDir + "/" + serviceCredentialFile,
|
|
}
|
|
} else {
|
|
src, err := config.ReadConfigFile(c, log)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// can't use context because this command doesn't define "credentials-file" flag
|
|
configPresent := func(s string) bool {
|
|
val, err := src.String(s)
|
|
return err == nil && val != ""
|
|
}
|
|
if src.TunnelID == "" || !configPresent(tunnel.CredFileFlag) {
|
|
return fmt.Errorf(`Configuration file %s must contain entries for the tunnel to run and its associated credentials:
|
|
tunnel: TUNNEL-UUID
|
|
credentials-file: CREDENTIALS-FILE
|
|
`, src.Source())
|
|
}
|
|
if src.Source() != serviceConfigPath {
|
|
if exists, err := config.FileExists(serviceConfigPath); err != nil || exists {
|
|
return fmt.Errorf("Possible conflicting configuration in %[1]s and %[2]s. Either remove %[2]s or run `cloudflared --config %[2]s service install`", src.Source(), serviceConfigPath)
|
|
}
|
|
|
|
if err := copyFile(src.Source(), serviceConfigPath); err != nil {
|
|
return fmt.Errorf("failed to copy %s to %s: %w", src.Source(), serviceConfigPath, err)
|
|
}
|
|
}
|
|
|
|
templateArgs.ExtraArgs = []string{
|
|
"tunnel", "run",
|
|
}
|
|
}
|
|
|
|
switch {
|
|
case isSystemd():
|
|
log.Info().Msgf("Using Systemd")
|
|
return installSystemd(&templateArgs, log)
|
|
default:
|
|
log.Info().Msgf("Using SysV")
|
|
return installSysv(&templateArgs, log)
|
|
}
|
|
}
|
|
|
|
func installSystemd(templateArgs *ServiceTemplateArgs, log *zerolog.Logger) error {
|
|
for _, serviceTemplate := range systemdTemplates {
|
|
err := serviceTemplate.Generate(templateArgs)
|
|
if err != nil {
|
|
log.Err(err).Msg("error generating service template")
|
|
return err
|
|
}
|
|
}
|
|
if err := runCommand("systemctl", "enable", "cloudflared.service"); err != nil {
|
|
log.Err(err).Msg("systemctl enable cloudflared.service error")
|
|
return err
|
|
}
|
|
if err := runCommand("systemctl", "start", "cloudflared-update.timer"); err != nil {
|
|
log.Err(err).Msg("systemctl start cloudflared-update.timer error")
|
|
return err
|
|
}
|
|
log.Info().Msg("systemctl daemon-reload")
|
|
return runCommand("systemctl", "daemon-reload")
|
|
}
|
|
|
|
func installSysv(templateArgs *ServiceTemplateArgs, log *zerolog.Logger) error {
|
|
confPath, err := sysvTemplate.ResolvePath()
|
|
if err != nil {
|
|
log.Err(err).Msg("error resolving system path")
|
|
return err
|
|
}
|
|
if err := sysvTemplate.Generate(templateArgs); err != nil {
|
|
log.Err(err).Msg("error generating system template")
|
|
return err
|
|
}
|
|
for _, i := range [...]string{"2", "3", "4", "5"} {
|
|
if err := os.Symlink(confPath, "/etc/rc"+i+".d/S50et"); err != nil {
|
|
continue
|
|
}
|
|
}
|
|
for _, i := range [...]string{"0", "1", "6"} {
|
|
if err := os.Symlink(confPath, "/etc/rc"+i+".d/K02et"); err != nil {
|
|
continue
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func uninstallLinuxService(c *cli.Context) error {
|
|
log := logger.CreateLoggerFromContext(c, logger.EnableTerminalLog)
|
|
|
|
switch {
|
|
case isSystemd():
|
|
log.Info().Msg("Using Systemd")
|
|
return uninstallSystemd(log)
|
|
default:
|
|
log.Info().Msg("Using SysV")
|
|
return uninstallSysv(log)
|
|
}
|
|
}
|
|
|
|
func uninstallSystemd(log *zerolog.Logger) error {
|
|
if err := runCommand("systemctl", "disable", "cloudflared.service"); err != nil {
|
|
log.Err(err).Msg("systemctl disable cloudflared.service error")
|
|
return err
|
|
}
|
|
if err := runCommand("systemctl", "stop", "cloudflared-update.timer"); err != nil {
|
|
log.Err(err).Msg("systemctl stop cloudflared-update.timer error")
|
|
return err
|
|
}
|
|
for _, serviceTemplate := range systemdTemplates {
|
|
if err := serviceTemplate.Remove(); err != nil {
|
|
log.Err(err).Msg("error removing service template")
|
|
return err
|
|
}
|
|
}
|
|
log.Info().Msgf("Successfully uninstalled cloudflared service from systemd")
|
|
return nil
|
|
}
|
|
|
|
func uninstallSysv(log *zerolog.Logger) error {
|
|
if err := sysvTemplate.Remove(); err != nil {
|
|
log.Err(err).Msg("error removing service template")
|
|
return err
|
|
}
|
|
for _, i := range [...]string{"2", "3", "4", "5"} {
|
|
if err := os.Remove("/etc/rc" + i + ".d/S50et"); err != nil {
|
|
continue
|
|
}
|
|
}
|
|
for _, i := range [...]string{"0", "1", "6"} {
|
|
if err := os.Remove("/etc/rc" + i + ".d/K02et"); err != nil {
|
|
continue
|
|
}
|
|
}
|
|
log.Info().Msgf("Successfully uninstalled cloudflared service from sysv")
|
|
return nil
|
|
}
|