authorBernhard Tittelbach <service-anytun@tittelbach.org>2015-01-16 00:13:27 +0000
committerBernhard Tittelbach <service-anytun@tittelbach.org>2015-01-16 00:13:27 +0000
commit3de5d986dc5cebf31287d1c41388a1004976df7d (patch)
treed3acbf5aaf350354fd11ca833c85ae2b315f671b
parentversion output now includes compiler version (diff)
systemd support (--with-systemd) (config/install script untested)
-rw-r--r--README17
-rwxr-xr-xetc/init.d/anytun33
-rw-r--r--src/Makefile34
-rwxr-xr-xsrc/configure4
-rwxr-xr-xusr/bin/anytun-launcher.sh56
-rw-r--r--usr/lib/systemd/system/anytun-control@.service13
-rw-r--r--usr/lib/systemd/system/anytun@.service12
7 files changed, 131 insertions, 38 deletions
diff --git a/README b/README
index 09f1692..7d16590 100644
--- a/README
+++ b/README
@@ -182,6 +182,23 @@ of instance names which should be used when no names are specified at the comman
line. One line for each name. Empty lines and lines starting with # are ignored.
+systemd usage
+-------------
+
+Using the provided service units, anytun can now be started and managed via Systemd.
+As with the init.d script, each VPN or anytun instance, identified by it's $vpnname,
+ needs it's own configuration subdirectory. E.g.: ${PREFIX}/etc/anytun/${vpnname}/.
+For each such CLIENT instance, use the following command to enable it:
+
+# systemctl enable anytun@${vpnname}.service
+
+For each anytun SERVER instance, anytun-control must be enabled as well:
+
+# systemctl enable anytun@${vpnname}.service
+# systemctl enable anytun-control@${vpnname}.service
+
+Manually start and stop instances by replacing enable with start or stop.
+
Errors:
=======
diff --git a/etc/init.d/anytun b/etc/init.d/anytun
index 6905c67..aa5f0af 100755
--- a/etc/init.d/anytun
+++ b/etc/init.d/anytun
@@ -9,17 +9,13 @@
# Description: Enables networking over vpn tunnel interfaces
### END INIT INFO
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
-DAEMON=/usr/sbin/anytun
-ANYTUNCONFIG=/usr/bin/anytun-config
-CONTROLDAEMON=/usr/bin/anytun-controld
+ANYTUNLAUNCHER=/usr/bin/anytun-launcher.sh
NAME=anytun
DESC=anytun
CONFIG_DIR=/etc/anytun
VARCONFIG_DIR=/var/run/anytun-controld
VARRUN_DIR=/var/run/$NAME/
-test -x $DAEMON || exit 0
-
# Include anytun defaults if available
if [ -f /etc/default/anytun ] ; then
. /etc/default/anytun
@@ -28,16 +24,7 @@ fi
start_vpn () {
STATUS="OK"
if [ -f $CONFIG_DIR/$NAME/config ] ; then
- POSTUP=''
- test -f $CONFIG_DIR/$NAME/post-up.sh && POSTUP="-x $CONFIG_DIR/$NAME/post-up.sh"
- CHROOTDIR=`grep '^chroot' < $CONFIG_DIR/$NAME/config | sed 's/chroot\s*//'`
- if [ -n "$CHROOTDIR" ] ; then
- test -d $CHROOTDIR || mkdir -p $CHROOTDIR
- fi
- test -d $VARRUN_DIR || mkdir -p $VARRUN_DIR
- DAEMONARG=`sed 's/#.*//' < $CONFIG_DIR/$NAME/config | grep -e '\w' | sed 's/^/--/' | tr '\n' ' '`
- $DAEMON --write-pid $VARRUN_DIR/$NAME.pid $POSTUP \
- $DAEMONOPTS $DAEMONARG || STATUS="FAILED"
+ $ANYTUNLAUNCHER vpn || STATUS="FAILED"
else
STATUS="no config found"
fi
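Review bot: The launcher call in start_vpn passes neither the instance name nor the daemon options, yet the new anytun-launcher.sh takes them from `NAME="${NAME:-$2}"` and from `$DAEMONOPTS` in its environment. Unless this script exports NAME and DAEMONOPTS somewhere outside the hunk, the launcher stops at its empty-name check and every instance reports FAILED. Passing the name explicitly removes the dependency on the environment: `$ANYTUNLAUNCHER vpn "$NAME" || STATUS="FAILED"`, plus an `export DAEMONOPTS` after /etc/default/anytun is sourced. The `$ANYTUNLAUNCHER configd` call in the start_configd hunk has the same gap, and there the launcher also reads CIPHER and AUTHALGO.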
@@ -51,21 +38,7 @@ stop_vpn () {
}
start_configd () {
- if [ -d $CONFIG_DIR/$NAME/conf.d ] ; then
- test -d $VARCONFIG_DIR || mkdir -p $VARCONFIG_DIR
- chmod 700 $VARCONFIG_DIR
- rm -f $VARCONFIG_DIR/$NAME 2>/dev/null
- KDPRF=`sed 's/#.*//' < $CONFIG_DIR/$NAME/config | grep -e 'kd-prf' | sed 's/^/ --/' | xargs echo`
- for CLIENTNAME in `ls $CONFIG_DIR/$NAME/conf.d`; do
- echo -n " ($CLIENTNAME)"
- DAEMONARG=`sed 's/#.*//' < $CONFIG_DIR/$NAME/conf.d/$CLIENTNAME | grep -e '\w' | sed 's/^/ --/' | xargs echo`
- $ANYTUNCONFIG $DAEMONARG $CIPHER $AUTHALGO $KDPRF >> $VARCONFIG_DIR/$NAME
- done
- CONTROLHOST=`sed 's/#.*//' < $CONFIG_DIR/$NAME/config | grep -e 'control-host' | sed 's/^/ --/' | xargs echo`
- $CONTROLDAEMON -f $VARCONFIG_DIR/$NAME $DAEMONOPTS $CONTROLHOST \
- --write-pid $VARCONFIG_DIR/$NAME.pid
- # rm -f $VARCONFIG_DIR/$NAME
- fi
+ $ANYTUNLAUNCHER configd
}
stop_configd () {
if [ -d $CONFIG_DIR/$NAME/conf.d ] ; then
diff --git a/src/Makefile b/src/Makefile
index b2f1646..b04d76b 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -171,7 +171,7 @@ ANYCTRSRCS := $(ANYCTROBJS:%.o=%.cpp)
ANYCONFSRCS := $(ANYCONFOBJS:%.o=%.cpp)
EXESRCS := $(EXEOBJS:%.o=%.cpp)
-.PHONY: distclean cleanall clean manpage install install-bin install-etc install-man uninstall remove purge
+.PHONY: distclean cleanall clean manpage install install-bin install-etc install-man uninstall remove purge remove-systemd install-systemd remove-bin remove-man remove-examples
all: $(EXECUTABLES) #libAnysync.a
@@ -211,13 +211,13 @@ anytun-controld$(EXE): $(ANYCTROBJS) anytun-controld.o
$(LD) $(ANYCTROBJS) anytun-controld.o -o $@ $(LDFLAGS)
-options.o: options.cpp
+options.o: options.cpp
$(CXX) $(CXXFLAGS) -DANYTUN_OPTIONS $< -c -o $@
-anyCtrOptions.o: options.cpp
+anyCtrOptions.o: options.cpp
$(CXX) $(CXXFLAGS) -DANYCTR_OPTIONS $< -c -o $@
-anyConfOptions.o: options.cpp
+anyConfOptions.o: options.cpp
$(CXX) $(CXXFLAGS) -DANYCONF_OPTIONS $< -c -o $@
nullOptions.o: options.cpp
@@ -234,7 +234,6 @@ libAnysync.a: $(OBJS)
anyrtpproxy: anytun
$(MAKE) --directory=$(CURDIR)/anyrtpproxy
-
distclean: cleanall
find . -name *.o -exec rm -f {} \;
rm -f config.sub config.guess
@@ -281,6 +280,11 @@ INSTALL_TARGETS += install-examples
REMOVE_TARGETS += remove-examples
endif
+ifdef SYSTEMD
+INSTALL_TARGETS += install-systemd
+REMOVE_TARGETS := remove-systemd
+endif
+
install: all $(INSTALL_TARGETS)
install-bin: $(EXECUTABLES)
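Review bot: `REMOVE_TARGETS := remove-systemd` overwrites the list instead of extending it, so a build with SYSTEMD set loses every remove target accumulated above, including the `REMOVE_TARGETS += remove-examples` visible just before it. An uninstall would then leave binaries and other installed files behind. Use the same operator as the neighbouring lines: `REMOVE_TARGETS += remove-systemd`.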
@@ -290,18 +294,28 @@ install-bin: $(EXECUTABLES)
$(INSTALL) -m 755 anytun-config $(DESTDIR)$(BINDIR)
$(INSTALL) -m 755 anytun-controld $(DESTDIR)$(BINDIR)
$(INSTALL) -m 755 anytun-showtables $(DESTDIR)$(BINDIR)
+ @ sed -e 's#DAEMON=/usr/sbin/anytun#DAEMON=$(SBINDIR)/anytun#' \
+ -e 's#ANYTUNCONFIG=/usr/bin/anytun-config#ANYTUNCONFIG=$(BINDIR)/anytun-config#' \
+ -e 's#CONTROLDAEMON=/usr/bin/anytun-controld#CONTROLDAEMON=$(BINDIR)/anytun-controld#' \
+ -e 's#CONFIG_DIR=/etc/anytun#CONFIG_DIR=$(ETCDIR)/anytun#' ../usr/bin/anytun-launcher.sh > ../usr/bin/anytun-launcher.sh.bak
+ $(INSTALL) -m 755 ../usr/bin/anytun-launcher.sh.bak $(DESTDIR)$(BINDIR)/anytun-launcher.sh
install-etc:
$(INSTALL) -d $(DESTDIR)$(ETCDIR)/anytun
@ echo "example configurations can be found at $(EXAMPLESDIR)/anytun" > $(DESTDIR)$(ETCDIR)/anytun/README
$(INSTALL) -d $(DESTDIR)$(ETCDIR)/init.d
- @ sed -e 's#DAEMON=/usr/sbin/anytun#DAEMON=$(SBINDIR)/anytun#' \
- -e 's#ANYTUNCONFIG=/usr/bin/anytun-config#ANYTUNCONFIG=$(BINDIR)/anytun-config#' \
- -e 's#CONTROLDAEMON=/usr/bin/anytun-controld#CONTROLDAEMON=$(BINDIR)/anytun-controld#' \
+ @ sed -e 's#ANYTUNLAUNCHER=/usr/bin/anytun-launcher.sh#ANYTUNLAUNCHER=$(BINDIR)/anytun-launcher.sh#' \
-e 's#CONFIG_DIR=/etc/anytun#CONFIG_DIR=$(ETCDIR)/anytun#' ../etc/init.d/anytun > ../etc/init.d/anytun.bak
$(INSTALL) -m 755 ../etc/init.d/anytun.bak $(DESTDIR)$(ETCDIR)/init.d/anytun
rm -f ../etc/init.d/anytun.bak
+install-systemd:
+ $(INSTALL) -d $(DESTDIR)/lib/systemd/system/
+ @ sed -e 's#/usr/bin/#$(DESTDIR)$(BINDIR)/#' ../usr/lib/systemd/system/anytun@.service > ../usr/lib/systemd/system/anytun@.service.bak
+ @ sed -e 's#/usr/bin/#$(DESTDIR)$(BINDIR)/#' ../usr/lib/systemd/system/anytun-control@.service > ../usr/lib/systemd/system/anytun-control@.service.bak
+ $(INSTALL) ../usr/lib/systemd/system/anytun@.service.bak $(DESTDIR)/lib/systemd/system/anytun@.service
+ $(INSTALL) ../usr/lib/systemd/system/anytun-control@.service.bak $(DESTDIR)/anytun-control@.service
+
install-examples:
$(INSTALL) -d $(DESTDIR)$(EXAMPLESDIR)/anytun
$(INSTALL) -m 644 ../etc/anytun/autostart $(DESTDIR)$(EXAMPLESDIR)/anytun/autostart
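Review bot: The install-systemd recipe substitutes `$(DESTDIR)$(BINDIR)` into the unit files, which bakes the staging root into `ExecStart=`. On a packaged build the installed service would then run, presumably as root, a launcher path under the build directory instead of the final prefix. The second `$(INSTALL)` also drops anytun-control@.service directly into `$(DESTDIR)/` rather than the systemd directory (remove-systemd in the next hunk mirrors that path), neither unit gets an explicit mode, and the `.bak` files stay in the source tree, as does the anytun-launcher.sh.bak written by install-bin. A corrected recipe would substitute only `$(BINDIR)`, install both units with `-m 644` into `$(DESTDIR)/lib/systemd/system/`, and remove the temporaries.

```make
install-systemd:
# … unchanged: create $(DESTDIR)/lib/systemd/system/ …
	@ sed -e 's#/usr/bin/#$(BINDIR)/#' ../usr/lib/systemd/system/anytun@.service > ../usr/lib/systemd/system/anytun@.service.bak
	@ sed -e 's#/usr/bin/#$(BINDIR)/#' ../usr/lib/systemd/system/anytun-control@.service > ../usr/lib/systemd/system/anytun-control@.service.bak
	$(INSTALL) -m 644 ../usr/lib/systemd/system/anytun@.service.bak $(DESTDIR)/lib/systemd/system/anytun@.service
	$(INSTALL) -m 644 ../usr/lib/systemd/system/anytun-control@.service.bak $(DESTDIR)/lib/systemd/system/anytun-control@.service
	rm -f ../usr/lib/systemd/system/anytun@.service.bak ../usr/lib/systemd/system/anytun-control@.service.bak
```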
@@ -351,6 +365,10 @@ remove-bin:
remove-etc:
rm -f $(DESTDIR)$(ETCDIR)/init.d/anytun
+remove-systemd:
+ rm -f $(DESTDIR)/lib/systemd/system/anytun@.service
+ rm -f $(DESTDIR)/anytun-control@.service
+
remove-examples:
rm -rf $(DESTDIR)$(EXAMPLESDIR)/anytun/
diff --git a/src/configure b/src/configure
index f070150..c318121 100755
--- a/src/configure
+++ b/src/configure
@@ -94,6 +94,7 @@ print_usage() {
echo " --with-gcrypt=<PREFIX> don't use systemwide gcrypt"
echo " --with-nettle=<PREFIX> don't use systemwide nettle"
echo " --with-openssl=<PREFIX> don't use systemwide openssl"
+ echo " --with-systemd install systemd unit descriptions"
echo " --use-clang use clang/llvm as compiler/linker"
}
@@ -172,6 +173,9 @@ do
--with-openssl=*)
OPENSSL_PREFIX=${arg#--with-openssl=}
;;
+ --with-systemd=*)
+ SYSTEMD=1
+ ;;
--help)
print_usage
exit 0
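Review bot: The new case pattern `--with-systemd=*)` matches only when a value is attached, but the usage line added to print_usage advertises a bare `--with-systemd`, so the documented spelling never reaches `SYSTEMD=1`. Matching both forms keeps the help text and the parser consistent: `--with-systemd|--with-systemd=*)`. Whether SYSTEMD is then written into the generated make include, which the `ifdef SYSTEMD` in src/Makefile depends on, happens outside the visible hunks and is worth checking.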
diff --git a/usr/bin/anytun-launcher.sh b/usr/bin/anytun-launcher.sh
new file mode 100755
index 0000000..8103f91
--- /dev/null
+++ b/usr/bin/anytun-launcher.sh
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+NAME="${NAME:-$2}"
+
+DAEMON=/usr/sbin/anytun
+ANYTUNCONFIG=/usr/bin/anytun-config
+CONTROLDAEMON=/usr/bin/anytun-controld
+CONFIG_DIR=/etc/anytun
+VARCONFIG_DIR=/run/anytun-controld
+VARRUN_DIR=/run/anytun
+
+test -x $DAEMON || exit 0
+test -z $NAME && exit 1
+
+start_vpn () {
+ if [ -f $CONFIG_DIR/$NAME/config ] ; then
+ POSTUP=''
+ test -f $CONFIG_DIR/$NAME/post-up.sh && POSTUP="-x $CONFIG_DIR/$NAME/post-up.sh"
+ CHROOTDIR=`grep '^chroot' < $CONFIG_DIR/$NAME/config | sed 's/chroot\s*//'`
+ if [ -n "$CHROOTDIR" ] ; then
+ test -d $CHROOTDIR || mkdir -p $CHROOTDIR
+ fi
+ test -d $VARRUN_DIR || mkdir -p $VARRUN_DIR
+ DAEMONARG=`sed 's/#.*//' < $CONFIG_DIR/$NAME/config | grep -e '\w' | sed 's/^/--/' | tr '\n' ' '`
+ $DAEMON --write-pid $VARRUN_DIR/$NAME.pid $POSTUP $DAEMONOPTS $DAEMONARG
+ else
+ echo "no config found" >&2
+ return 1
+ fi
+}
+
+start_configd () {
+ if [ -d $CONFIG_DIR/$NAME/conf.d ] ; then
+ test -d $VARCONFIG_DIR || mkdir -p $VARCONFIG_DIR
+ chmod 700 $VARCONFIG_DIR
+ rm -f $VARCONFIG_DIR/$NAME 2>/dev/null
+ KDPRF=`sed 's/#.*//' < $CONFIG_DIR/$NAME/config | grep -e 'kd-prf' | sed 's/^/ --/' | xargs echo`
+ for CLIENTNAME in `ls $CONFIG_DIR/$NAME/conf.d`; do
+ echo -n " ($CLIENTNAME)"
+ DAEMONARG=`sed 's/#.*//' < $CONFIG_DIR/$NAME/conf.d/$CLIENTNAME | grep -e '\w' | sed 's/^/ --/' | xargs echo`
+ $ANYTUNCONFIG $DAEMONARG $CIPHER $AUTHALGO $KDPRF >> $VARCONFIG_DIR/$NAME
+ done
+ CONTROLHOST=`sed 's/#.*//' < $CONFIG_DIR/$NAME/config | grep -e 'control-host' | sed 's/^/ --/' | xargs echo`
+ $CONTROLDAEMON -f $VARCONFIG_DIR/$NAME $DAEMONOPTS $CONTROLHOST \
+ --write-pid $VARCONFIG_DIR/$NAME.pid
+ else
+ echo "no conf.d directory found (maybe $NAME is an anytun client not a server?)" >&2
+ return 1
+ fi
+}
+
+case $1 in
+(vpn) start_vpn ;;
+(configd) start_configd ;;
+(*) exit 2;;
+esac
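Review bot: `test -z $NAME && exit 1` is the only check on the instance name, and NAME (from the environment or `$2`) is then expanded unquoted into `$CONFIG_DIR/$NAME/...`, `$VARRUN_DIR/$NAME.pid` and the `rm -f $VARCONFIG_DIR/$NAME` in start_configd. Since the launcher is started from the init script and the systemd units, presumably as root, a name containing `/`, a leading dot or whitespace should be rejected before any path is built, for example `case "$NAME" in ""|*/*|.*|*[[:space:]]*) exit 1 ;; esac`, and the path expansions quoted (`"$CONFIG_DIR/$NAME/config"`). The `` for CLIENTNAME in `ls $CONFIG_DIR/$NAME/conf.d` `` loop also splits on whitespace in file names; iterating over `"$CONFIG_DIR/$NAME/conf.d"/*` avoids that.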
diff --git a/usr/lib/systemd/system/anytun-control@.service b/usr/lib/systemd/system/anytun-control@.service
new file mode 100644
index 0000000..ec857e9
--- /dev/null
+++ b/usr/lib/systemd/system/anytun-control@.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=AnyTun Server Config Control Daemon
+After=syslog.target network.target
+Requires=anytun@%i.service
+
+[Service]
+Type=simple
+PIDFile=/run/anytun-controld/%i.pid
+Environment="NAME=%i" "DAEMONOPTS=-D -L stdout:3"
+ExecStart=/usr/bin/anytun-launcher.sh configd
+
+[Install]
+WantedBy=multi-user.target
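Review bot: `PIDFile=` is combined with `Type=simple`, where systemd treats the ExecStart process as the main PID; systemd.service(5) recommends PIDFile= for Type=forking, so the line gives a misleading picture of how the service is supervised, here and in anytun@.service. Because anytun-launcher.sh starts the daemon without `exec`, the tracked main process is the shell wrapper rather than anytun-controld; either `exec` the daemon in the launcher or drop the PIDFile= lines. `Requires=anytun@%i.service` also does not order the two units, so add `After=anytun@%i.service` if the control daemon must start after the tunnel.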
diff --git a/usr/lib/systemd/system/anytun@.service b/usr/lib/systemd/system/anytun@.service
new file mode 100644
index 0000000..2b7fa72
--- /dev/null
+++ b/usr/lib/systemd/system/anytun@.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=AnyTun secure anycast tunneling
+After=syslog.target network.target
+
+[Service]
+Type=simple
+PIDFile=/run/anytun/%i.pid
+Environment="NAME=%i" "DAEMONOPTS=-D -L stdout:3"
+ExecStart=/usr/bin/anytun-launcher.sh vpn
+
+[Install]
+WantedBy=multi-user.target