From 3de5d986dc5cebf31287d1c41388a1004976df7d Mon Sep 17 00:00:00 2001 From: Bernhard Tittelbach Date: Fri, 16 Jan 2015 00:13:27 +0000 Subject: systemd support (--with-systemd) (config/install script untested) --- README | 17 ++++++++ etc/init.d/anytun | 33 ++------------- src/Makefile | 34 ++++++++++++---- src/configure | 4 ++ usr/bin/anytun-launcher.sh | 56 ++++++++++++++++++++++++++ usr/lib/systemd/system/anytun-control@.service | 13 ++++++ usr/lib/systemd/system/anytun@.service | 12 ++++++ 7 files changed, 131 insertions(+), 38 deletions(-) create mode 100755 usr/bin/anytun-launcher.sh create mode 100644 usr/lib/systemd/system/anytun-control@.service create mode 100644 usr/lib/systemd/system/anytun@.service diff --git a/README b/README index 09f1692..7d16590 100644 --- a/README +++ b/README @@ -182,6 +182,23 @@ of instance names which should be used when no names are specified at the comman line. One line for each name. Empty lines and lines starting with # are ignored. +systemd usage +------------- + +Using the provided service units, anytun can now be started and managed via Systemd. +As with the init.d script, each VPN or anytun instance, identified by it's $vpnname, + needs it's own configuration subdirectory. E.g.: ${PREFIX}/etc/anytun/${vpnname}/. +For each such CLIENT instance, use the following command to enable it: + +# systemctl enable anytun@${vpnname}.service + +For each anytun SERVER instance, anytun-control must be enabled as well: + +# systemctl enable anytun@${vpnname}.service +# systemctl enable anytun-control@${vpnname}.service + +Manually start and stop instances by replacing enable with start or stop. + Errors: ======= diff --git a/etc/init.d/anytun b/etc/init.d/anytun index 6905c67..aa5f0af 100755 --- a/etc/init.d/anytun +++ b/etc/init.d/anytun 
@@ -9,17 +9,13 @@ # Description: Enables networking over vpn tunnel interfaces ### END INIT INFO PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/sbin/anytun -ANYTUNCONFIG=/usr/bin/anytun-config -CONTROLDAEMON=/usr/bin/anytun-controld +ANYTUNLAUNCHER=/usr/bin/anytun-launcher.sh NAME=anytun DESC=anytun CONFIG_DIR=/etc/anytun VARCONFIG_DIR=/var/run/anytun-controld VARRUN_DIR=/var/run/$NAME/ -test -x $DAEMON || exit 0 - # Include anytun defaults if available if [ -f /etc/default/anytun ] ; then . /etc/default/anytun @@ -28,16 +24,7 @@ fi start_vpn () { STATUS="OK" if [ -f $CONFIG_DIR/$NAME/config ] ; then - POSTUP='' - test -f $CONFIG_DIR/$NAME/post-up.sh && POSTUP="-x $CONFIG_DIR/$NAME/post-up.sh" - CHROOTDIR=`grep '^chroot' < $CONFIG_DIR/$NAME/config | sed 's/chroot\s*//'` - if [ -n "$CHROOTDIR" ] ; then - test -d $CHROOTDIR || mkdir -p $CHROOTDIR - fi - test -d $VARRUN_DIR || mkdir -p $VARRUN_DIR - DAEMONARG=`sed 's/#.*//' < $CONFIG_DIR/$NAME/config | grep -e '\w' | sed 's/^/--/' | tr '\n' ' '` - $DAEMON --write-pid $VARRUN_DIR/$NAME.pid $POSTUP \ - $DAEMONOPTS $DAEMONARG || STATUS="FAILED" + $ANYTUNLAUNCHER vpn || STATUS="FAILED" else STATUS="no config found" fi 
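Review bot: `$ANYTUNLAUNCHER vpn` in start_vpn passes no instance name, while the launcher added in this commit takes it from `NAME="${NAME:-$2}"` and exits 1 when it is empty. Nothing visible in these hunks exports NAME, so unless that happens elsewhere in the script every start would report FAILED. DAEMONOPTS, CIPHER and AUTHALGO from /etc/default/anytun have the same problem, because the launcher now reads them from its own environment. Passing the name explicitly, `$ANYTUNLAUNCHER vpn "$NAME" || STATUS="FAILED"`, and exporting the option variables after the defaults file is sourced would keep the old behaviour. `$ANYTUNLAUNCHER configd` in start_configd (next hunk) has the same gap; start_vpn's body continues past the end of this hunk.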
@@ -51,21 +38,7 @@ stop_vpn () { } start_configd () { - if [ -d $CONFIG_DIR/$NAME/conf.d ] ; then - test -d $VARCONFIG_DIR || mkdir -p $VARCONFIG_DIR - chmod 700 $VARCONFIG_DIR - rm -f $VARCONFIG_DIR/$NAME 2>/dev/null - KDPRF=`sed 's/#.*//' < $CONFIG_DIR/$NAME/config | grep -e 'kd-prf' | sed 's/^/ --/' | xargs echo` - for CLIENTNAME in `ls $CONFIG_DIR/$NAME/conf.d`; do - echo -n " ($CLIENTNAME)" - DAEMONARG=`sed 's/#.*//' < $CONFIG_DIR/$NAME/conf.d/$CLIENTNAME | grep -e '\w' | sed 's/^/ --/' | xargs echo` - $ANYTUNCONFIG $DAEMONARG $CIPHER $AUTHALGO $KDPRF >> $VARCONFIG_DIR/$NAME - done - CONTROLHOST=`sed 's/#.*//' < $CONFIG_DIR/$NAME/config | grep -e 'control-host' | sed 's/^/ --/' | xargs echo` - $CONTROLDAEMON -f $VARCONFIG_DIR/$NAME $DAEMONOPTS $CONTROLHOST \ - --write-pid $VARCONFIG_DIR/$NAME.pid - # rm -f $VARCONFIG_DIR/$NAME - fi + $ANYTUNLAUNCHER configd } stop_configd () { if [ -d $CONFIG_DIR/$NAME/conf.d ] ; then diff --git a/src/Makefile b/src/Makefile index b2f1646..b04d76b 100644 --- a/src/Makefile +++ b/src/Makefile @@ -171,7 +171,7 @@ ANYCTRSRCS := $(ANYCTROBJS:%.o=%.cpp) ANYCONFSRCS := $(ANYCONFOBJS:%.o=%.cpp) EXESRCS := $(EXEOBJS:%.o=%.cpp) -.PHONY: distclean cleanall clean manpage install install-bin install-etc install-man uninstall remove purge +.PHONY: distclean cleanall clean manpage install install-bin install-etc install-man uninstall remove purge remove-systemd install-systemd remove-bin remove-man remove-examples all: $(EXECUTABLES) #libAnysync.a @@ -211,13 +211,13 @@ anytun-controld$(EXE): $(ANYCTROBJS) anytun-controld.o $(LD) $(ANYCTROBJS) anytun-controld.o -o $@ $(LDFLAGS) -options.o: options.cpp +options.o: options.cpp $(CXX) $(CXXFLAGS) -DANYTUN_OPTIONS $< -c -o $@ -anyCtrOptions.o: options.cpp +anyCtrOptions.o: options.cpp $(CXX) $(CXXFLAGS) -DANYCTR_OPTIONS $< -c -o $@ -anyConfOptions.o: options.cpp +anyConfOptions.o: options.cpp $(CXX) $(CXXFLAGS) -DANYCONF_OPTIONS $< -c -o $@ nullOptions.o: options.cpp 
@@ -234,7 +234,6 @@ libAnysync.a: $(OBJS) anyrtpproxy: anytun $(MAKE) --directory=$(CURDIR)/anyrtpproxy - distclean: cleanall find . -name *.o -exec rm -f {} \; rm -f config.sub config.guess @@ -281,6 +280,11 @@ INSTALL_TARGETS += install-examples REMOVE_TARGETS += remove-examples endif +ifdef SYSTEMD +INSTALL_TARGETS += install-systemd +REMOVE_TARGETS := remove-systemd +endif + install: all $(INSTALL_TARGETS) install-bin: $(EXECUTABLES) 
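Review bot: `REMOVE_TARGETS := remove-systemd` in the new `ifdef SYSTEMD` block overwrites the list built by the earlier `REMOVE_TARGETS +=` lines (the `remove-examples` one is visible in the context just above). With SYSTEMD set, an uninstall would presumably run only remove-systemd and leave the other installed files in place. The INSTALL_TARGETS line directly above it appends, and this one should too: `REMOVE_TARGETS += remove-systemd`.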
@@ -290,18 +294,28 @@ install-bin: $(EXECUTABLES) $(INSTALL) -m 755 anytun-config $(DESTDIR)$(BINDIR) $(INSTALL) -m 755 anytun-controld $(DESTDIR)$(BINDIR) $(INSTALL) -m 755 anytun-showtables $(DESTDIR)$(BINDIR) + @ sed -e 's#DAEMON=/usr/sbin/anytun#DAEMON=$(SBINDIR)/anytun#' \ + -e 's#ANYTUNCONFIG=/usr/bin/anytun-config#ANYTUNCONFIG=$(BINDIR)/anytun-config#' \ + -e 's#CONTROLDAEMON=/usr/bin/anytun-controld#CONTROLDAEMON=$(BINDIR)/anytun-controld#' \ + -e 's#CONFIG_DIR=/etc/anytun#CONFIG_DIR=$(ETCDIR)/anytun#' ../usr/bin/anytun-launcher.sh > ../usr/bin/anytun-launcher.sh.bak + $(INSTALL) -m 755 ../usr/bin/anytun-launcher.sh.bak $(DESTDIR)$(BINDIR)/anytun-launcher.sh install-etc: $(INSTALL) -d $(DESTDIR)$(ETCDIR)/anytun @ echo "example configurations can be found at $(EXAMPLESDIR)/anytun" > $(DESTDIR)$(ETCDIR)/anytun/README $(INSTALL) -d $(DESTDIR)$(ETCDIR)/init.d - @ sed -e 's#DAEMON=/usr/sbin/anytun#DAEMON=$(SBINDIR)/anytun#' \ - -e 's#ANYTUNCONFIG=/usr/bin/anytun-config#ANYTUNCONFIG=$(BINDIR)/anytun-config#' \ - -e 's#CONTROLDAEMON=/usr/bin/anytun-controld#CONTROLDAEMON=$(BINDIR)/anytun-controld#' \ + @ sed -e 's#ANYTUNLAUNCHER=/usr/bin/anytun-launcher.sh#ANYTUNLAUNCHER=$(BINDIR)/anytun-launcher.sh#' \ -e 's#CONFIG_DIR=/etc/anytun#CONFIG_DIR=$(ETCDIR)/anytun#' ../etc/init.d/anytun > ../etc/init.d/anytun.bak $(INSTALL) -m 755 ../etc/init.d/anytun.bak $(DESTDIR)$(ETCDIR)/init.d/anytun rm -f ../etc/init.d/anytun.bak +install-systemd: + $(INSTALL) -d $(DESTDIR)/lib/systemd/system/ + @ sed -e 's#/usr/bin/#$(DESTDIR)$(BINDIR)/#' ../usr/lib/systemd/system/anytun@.service > ../usr/lib/systemd/system/anytun@.service.bak + @ sed -e 's#/usr/bin/#$(DESTDIR)$(BINDIR)/#' ../usr/lib/systemd/system/anytun-control@.service > ../usr/lib/systemd/system/anytun-control@.service.bak + $(INSTALL) ../usr/lib/systemd/system/anytun@.service.bak $(DESTDIR)/lib/systemd/system/anytun@.service + $(INSTALL) ../usr/lib/systemd/system/anytun-control@.service.bak 
$(DESTDIR)/anytun-control@.service + install-examples: $(INSTALL) -d $(DESTDIR)$(EXAMPLESDIR)/anytun $(INSTALL) -m 644 ../etc/anytun/autostart $(DESTDIR)$(EXAMPLESDIR)/anytun/autostart @@ -351,6 +365,10 @@ remove-bin: remove-etc: rm -f $(DESTDIR)$(ETCDIR)/init.d/anytun +remove-systemd: + rm -f $(DESTDIR)/lib/systemd/system/anytun@.service + rm -f $(DESTDIR)/anytun-control@.service + remove-examples: rm -rf $(DESTDIR)$(EXAMPLESDIR)/anytun/ diff --git a/src/configure b/src/configure index f070150..c318121 100755 --- a/src/configure +++ b/src/configure @@ -94,6 +94,7 @@ print_usage() { echo " --with-gcrypt= don't use systemwide gcrypt" echo " --with-nettle= don't use systemwide nettle" echo " --with-openssl= don't use systemwide openssl" + echo " --with-systemd install systemd unit descriptions" echo " --use-clang use clang/llvm as compiler/linker" } @@ -172,6 +173,9 @@ do --with-openssl=*) OPENSSL_PREFIX=${arg#--with-openssl=} ;; + --with-systemd=*) + SYSTEMD=1 + ;; --help) print_usage exit 0 diff --git a/usr/bin/anytun-launcher.sh b/usr/bin/anytun-launcher.sh new file mode 100755 index 0000000..8103f91 --- /dev/null +++ b/usr/bin/anytun-launcher.sh 
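Review bot: The `install-systemd` recipe rewrites `/usr/bin/` to `$(DESTDIR)$(BINDIR)/`, which bakes the staging root into `ExecStart=`. On a staged or packaged install the unit would then launch, as root, a script under the build-time staging path instead of `$(BINDIR)`. DESTDIR belongs only on the install destination, so the expression should be `sed -e 's#/usr/bin/#$(BINDIR)/#'`. As shown, the second `$(INSTALL)` targets `$(DESTDIR)/anytun-control@.service` rather than `$(DESTDIR)/lib/systemd/system/` (remove-systemd in the next hunk repeats that path), and neither call passes `-m 644`, so the units get install's default executable mode. The `.bak` files written into the source tree here and in `install-bin` are never removed, unlike `rm -f ../etc/init.d/anytun.bak` in install-etc.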
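Review bot: The new case arm in src/configure matches `--with-systemd=*`, but the usage line added in the previous hunk documents a bare `--with-systemd`. That form does not match the pattern and falls through to however the loop treats unrecognised arguments. Matching both forms, `--with-systemd|--with-systemd=*)`, keeps the flag consistent with the help text. The arm also only sets the shell variable `SYSTEMD=1`; nothing visible here writes it to the file the Makefile reads, so the `ifdef SYSTEMD` block may never trigger unless that is handled outside this hunk.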
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+NAME="${NAME:-$2}"
+
+DAEMON=/usr/sbin/anytun
+ANYTUNCONFIG=/usr/bin/anytun-config
+CONTROLDAEMON=/usr/bin/anytun-controld
+CONFIG_DIR=/etc/anytun
+VARCONFIG_DIR=/run/anytun-controld
+VARRUN_DIR=/run/anytun
+
+test -x $DAEMON || exit 0
+test -z $NAME && exit 1
+
+start_vpn () {
+ if [ -f $CONFIG_DIR/$NAME/config ] ; then
+ POSTUP=''
+ test -f $CONFIG_DIR/$NAME/post-up.sh && POSTUP="-x $CONFIG_DIR/$NAME/post-up.sh"
+ CHROOTDIR=`grep '^chroot' < $CONFIG_DIR/$NAME/config | sed 's/chroot\s*//'`
+ if [ -n "$CHROOTDIR" ] ; then
+ test -d $CHROOTDIR || mkdir -p $CHROOTDIR
+ fi
+ test -d $VARRUN_DIR || mkdir -p $VARRUN_DIR
+ DAEMONARG=`sed 's/#.*//' < $CONFIG_DIR/$NAME/config | grep -e '\w' | sed 's/^/--/' | tr '\n' ' '`
+ $DAEMON --write-pid $VARRUN_DIR/$NAME.pid $POSTUP $DAEMONOPTS $DAEMONARG
+ else
+ echo "no config found" >&2
+ return 1
+ fi
+}
+
+start_configd () {
+ if [ -d $CONFIG_DIR/$NAME/conf.d ] ; then
+ test -d $VARCONFIG_DIR || mkdir -p $VARCONFIG_DIR
+ chmod 700 $VARCONFIG_DIR
+ rm -f $VARCONFIG_DIR/$NAME 2>/dev/null
+ KDPRF=`sed 's/#.*//' < $CONFIG_DIR/$NAME/config | grep -e 'kd-prf' | sed 's/^/ --/' | xargs echo`
+ for CLIENTNAME in `ls $CONFIG_DIR/$NAME/conf.d`; do
+ echo -n " ($CLIENTNAME)"
+ DAEMONARG=`sed 's/#.*//' < $CONFIG_DIR/$NAME/conf.d/$CLIENTNAME | grep -e '\w' | sed 's/^/ --/' | xargs echo`
+ $ANYTUNCONFIG $DAEMONARG $CIPHER $AUTHALGO $KDPRF >> $VARCONFIG_DIR/$NAME
+ done
+ CONTROLHOST=`sed 's/#.*//' < $CONFIG_DIR/$NAME/config | grep -e 'control-host' | sed 's/^/ --/' | xargs echo`
+ $CONTROLDAEMON -f $VARCONFIG_DIR/$NAME $DAEMONOPTS $CONTROLHOST \
+ --write-pid $VARCONFIG_DIR/$NAME.pid
+ else
+ echo "no conf.d directory found (maybe $NAME is an anytun client not a server?)" >&2
+ return 1
+ fi
+}
+
+case $1 in
+(vpn) start_vpn ;;
+(configd) start_configd ;;
+(*) exit 2;;
+esac
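Review bot: NAME comes from the environment or `$2` and is then expanded unquoted in paths that this script reads, creates and deletes, presumably as root (`rm -f $VARCONFIG_DIR/$NAME`, `--write-pid $VARRUN_DIR/$NAME.pid`). A name containing whitespace, a glob character or `..` would make those commands act outside the per-instance directories. A guard right after the assignment, `case "$NAME" in ''|.*|*[!A-Za-z0-9_.-]*) exit 1 ;; esac`, plus double quotes around the expansions would close that. It would also replace `test -z $NAME`, which handles the empty case only because the unquoted argument vanishes. `test -x $DAEMON || exit 0` reports success when the daemon binary is missing, which under the new units looks like a clean exit; a non-zero status would be easier to notice. Setting `umask 077` before `mkdir -p $VARCONFIG_DIR` would avoid the short window in which the directory exists with default permissions before `chmod 700` runs.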
diff --git a/usr/lib/systemd/system/anytun-control@.service b/usr/lib/systemd/system/anytun-control@.service
new file mode 100644
index 0000000..ec857e9
--- /dev/null
+++ b/usr/lib/systemd/system/anytun-control@.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=AnyTun Server Config Control Daemon
+After=syslog.target network.target
+Requires=anytun@%i.service
+
+[Service]
+Type=simple
+PIDFile=/run/anytun-controld/%i.pid
+Environment="NAME=%i" "DAEMONOPTS=-D -L stdout:3"
+ExecStart=/usr/bin/anytun-launcher.sh configd
+
+[Install]
+WantedBy=multi-user.target
diff --git a/usr/lib/systemd/system/anytun@.service b/usr/lib/systemd/system/anytun@.service
new file mode 100644
index 0000000..2b7fa72
--- /dev/null
+++ b/usr/lib/systemd/system/anytun@.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=AnyTun secure anycast tunneling
+After=syslog.target network.target
+
+[Service]
+Type=simple
+PIDFile=/run/anytun/%i.pid
+Environment="NAME=%i" "DAEMONOPTS=-D -L stdout:3"
+ExecStart=/usr/bin/anytun-launcher.sh vpn
+
+[Install]
+WantedBy=multi-user.target
-- cgit v1.2.3
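Review bot: Both units combine `Type=simple` with `PIDFile=`, and `ExecStart=` is the shell launcher, which runs the daemon as a child rather than through `exec`. systemd therefore tracks the shell as the main process, and `PIDFile=` is documented for `Type=forking`. Either drop the `PIDFile=` lines or have the launcher `exec` the daemon so that the tracked PID is the daemon's. `Requires=anytun@%i.service` in anytun-control@.service does not order the two units; if the control daemon needs the tunnel process started first, add `After=anytun@%i.service`. Neither unit sets any sandboxing, so the launcher runs with full root privileges; whether directives such as `NoNewPrivileges=` or `ProtectSystem=` work alongside anytun's own chroot and privilege dropping would need testing.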