diff options
| author | Daniel Graña | 2023-12-12 20:36:21 -0300 |
|---|---|---|
| committer | Daniel Graña | 2023-12-12 20:36:21 -0300 |
| commit | 82b79e0413e97d41c27b62b0b6d8af248d6c04cd (patch) | |
| tree | 14c8b7dcac34a129f8d0789cef463dc821aa90d5 | |
| parent | 15b87339dd4c106a63f611bf5557e0a3d08d7e5f (diff) | |
| download | aur-82b79e0413e97d41c27b62b0b6d8af248d6c04cd.tar.gz | |
Add busybox init style hook
| -rw-r--r-- | .SRCINFO | 10 | ||||
| -rw-r--r-- | Makefile | 14 | ||||
| -rw-r--r-- | PKGBUILD | 15 | ||||
| -rwxr-xr-x | setup-initcpio-tailscale | 2 | ||||
| -rw-r--r-- | tailscale_hook | 19 | ||||
| -rw-r--r-- | tailscale_install | 49 |
6 files changed, 95 insertions, 14 deletions
@@ -1,14 +1,18 @@ pkgbase = mkinitcpio-tailscale pkgdesc = Collection of mkinitcpio install hooks to integrate Tailscale into initramfs - pkgver = 0.1 - pkgrel = 6 + pkgver = 0.2 + pkgrel = 1 url = https://github.com/dangra/mkinitcpio-tailscale arch = any license = GPL-2.0-or-later depends = mkinitcpio source = sd-tailscale + source = tailscale_hook + source = tailscale_install source = setup-initcpio-tailscale sha256sums = c57ea49b3dd783b0b127e1e795edc048df4caa6928100f7f0483e8167ac3fb40 - sha256sums = 2630df3dadb9679cf8f9c38f8974e9f3f5be6c9a5694963104386d652e03eea8 + sha256sums = d9c513e6b8eea84cbce8ca9c36edcf245e6a46ac29bdbf73e1b9001062dafdbd + sha256sums = 50333551578d53f0f43b2a3e4a9e1ed390f9217f844dcef4a353c3cce9763c86 + sha256sums = 480dec84c705dc437cb6fb1715031c1ea8e48c6b89cb0fd8c86a3af7169062f7 pkgname = mkinitcpio-tailscale @@ -1,5 +1,12 @@ -.PHONY: update +.PHONY: build install update checksums srcinfo + + +build: update + makepkg -cCf + +install: update + makepkg -icCf update: checksums srcinfo @@ -9,8 +16,3 @@ checksums: srcinfo: makepkg --printsrcinfo >.SRCINFO -build: update - makepkg -cCf - -install: update - makepkg -icCf @@ -1,18 +1,25 @@ # Maintainer: Daniel Graña <dangra at gmail dot com> pkgname=mkinitcpio-tailscale -pkgver=0.1 -pkgrel=6 +pkgver=0.2 +pkgrel=1 pkgdesc="Collection of mkinitcpio install hooks to integrate Tailscale into initramfs" arch=("any") url="https://github.com/dangra/mkinitcpio-tailscale" license=("GPL-2.0-or-later") depends=("mkinitcpio") -source=("sd-tailscale" "setup-initcpio-tailscale") +source=("sd-tailscale" + "tailscale_hook" + "tailscale_install" + "setup-initcpio-tailscale") sha256sums=('c57ea49b3dd783b0b127e1e795edc048df4caa6928100f7f0483e8167ac3fb40' - '2630df3dadb9679cf8f9c38f8974e9f3f5be6c9a5694963104386d652e03eea8') + 'd9c513e6b8eea84cbce8ca9c36edcf245e6a46ac29bdbf73e1b9001062dafdbd' + '50333551578d53f0f43b2a3e4a9e1ed390f9217f844dcef4a353c3cce9763c86' + '480dec84c705dc437cb6fb1715031c1ea8e48c6b89cb0fd8c86a3af7169062f7') package() { install -m 755 -D ${srcdir}/setup-initcpio-tailscale ${pkgdir}/usr/bin/setup-initcpio-tailscale install -m 644 -D ${srcdir}/sd-tailscale ${pkgdir}/usr/lib/initcpio/install/sd-tailscale + install -m 644 -D ${srcdir}/tailscale_install ${pkgdir}/usr/lib/initcpio/install/tailscale + install -m 644 -D ${srcdir}/tailscale_hook ${pkgdir}/usr/lib/initcpio/hooks/tailscale } diff --git a/setup-initcpio-tailscale b/setup-initcpio-tailscale index 741775e57976..92f50c386e28 100755 --- a/setup-initcpio-tailscale +++ b/setup-initcpio-tailscale @@ -79,7 +79,7 @@ info "tailscale successfully configured. Next steps: * Disable key expiry for '${TS_HOSTNAME}' at https://login.tailscale.com/admin/machines * Review ${TS_STATEDIR}/default.env (as root) - * Add 'systemd' and 'sd-tailscale' hooks to /etc/mkinitcpio.conf + * Edit /etc/mkinitcpio.conf and add 'tailscale' hook for busybox init, or sd-tailscale' hook for systemd init. * Run 'mkinitcpio -P' to rebuild initramfs * Check the README at https://github.com/dangra/mkinitcpio-tailscale for security considerations diff --git a/tailscale_hook b/tailscale_hook new file mode 100644 index 000000000000..c0529c5165e3 --- /dev/null +++ b/tailscale_hook @@ -0,0 +1,19 @@ +#!/usr/bin/env ash + +run_hook() ( + echo "Starting Tailscale" + . /etc/default/tailscaled + + # Launch tailscale agent in the background + /usr/sbin/tailscaled \ + --state=/var/lib/tailscale/tailscaled.state \ + --socket=/run/tailscale/tailscaled.sock \ + --port="${PORT}" ${FLAGS} & + + echo "$!" >/run/tailscaled.pid +) + +run_cleanuphook() { + local pid=$(cat /run/tailscaled.pid 2>/dev/null) + [[ -z $pid ]] || kill "$pid" +} diff --git a/tailscale_install b/tailscale_install new file mode 100644 index 000000000000..b18585f98440 --- /dev/null +++ b/tailscale_install @@ -0,0 +1,49 @@ +#!/usr/bin/env ash + +build() { + if ! pacman -Qi tailscale >/dev/null 2>&1; then + error "Package tailscale not installed" + return 1 + fi + + local setupdir="/etc/initcpio/tailscale" + for fn in tailscaled.state default.env; do + if ! [[ -r "${setupdir}/${fn}" && -s "${setupdir}/${fn}" ]]; then + error "Missing configuration file at ${setupdir}/${fn}. Have you run setup-initcpio-tailscale yet?" + return 1 + fi + done + add_file ${setupdir}/default.env /etc/default/tailscaled + add_file ${setupdir}/tailscaled.state /var/lib/tailscale/tailscaled.state + + # tailscale requirements + add_module tun + add_full_dir /usr/lib/xtables + add_all_modules netfilter + map add_binary iptables ip6tables tailscale tailscaled + + add_run_script +} + +help() { + cat <<-__EOF_HELP__ + This hook enables tailscale service within busybox initramfs. + + It copies all required files and binaries to initramfs and runs + tailscale daemon in the background. Remember to place it before + any other hook that blocks for input like the 'encrypt' hook. + + Configuration is copied into the initramfs from: + + * /etc/initcpio/tailscale/tailscaled.state to /var/lib/tailscale/tailscaled.state + * /etc/initcpio/tailscale/default.env to /etc/default/tailscaled + + Run setup-initcpio-tailscale to initialize /etc/initcpio/tailscale/ configuration files. + + This hook must come after the network is setup and before other hooks that blocks the + init chain. Place it before 'encrypt' if you plan to unlock a rootfs remotely. + + __EOF_HELP__ +} + +# vim: noexpandtab |