Commit Graph

187 Commits

Author SHA1 Message Date
rany
5b326d8bb8
Update generate.sh (#736)
The AppArmor profile in contrib forbids `/usr/bin/yggdrasil` from reading the file in `/var/backups/yggdrasil.conf...`. This works around that restriction by having the shell do the reading of `/var/backups/yggdrasil.conf...` file while providing the same exact functionality without making the AppArmor profile less restrictive. 

Another change is the safe perms for the `/etc/yggdrasil.conf` (so that config will have 0640 permissions). This is important because if we kept the default of 644 then any user (privileged or unprivileged) will have the ability to read the yggdrasil private key. We use a restrictive umask of 0027 to make this possible.
2020-12-06 20:52:54 +00:00
rany
709ea6976c
apparmor: allow yggdrasil to resolve hostnames (#739)
The apparmor profile in it's current state won't allow resolving hostnames. We need `<abstractions/nameservice>` because we simply can't just allow `/etc/resolv.conf`. This is because systemd-resolved, resolvconf, and others rely on symbolic links to `/etc/resolv.conf` which would make this extremely complicated.  `<abstractions/nameservice>` deals with this complexity to allow every single one of those packages (systemd-resolved, resolvconf, ... ).

```
  network inet stream,
  network inet dgram,
  network inet6 dgram,
  network inet6 stream,
  network netlink raw,
```
was removed because it's already included in `<abstractions/nameservice>`. Some permissions that are no longer needed in newer yggdrasil versions were also removed.

`owner /sys/kernel/mm/transparent_hugepage/hpage_pmd_size r,` was changed to `/sys/kernel/mm/transparent_hugepage/hpage_pmd_size r,` because there is no guarantee that yggdrasil will always be run as root. (`owner` makes sure that the process's user and the file have the same owner, in that case, root. This might not always be the case so `owner` was removed)
2020-12-06 20:52:10 +00:00
Neil Alexander
1492738c9e
golangci-lint in CI (#733)
* golangci-lint in CI

* Put CI in own job

* Run verify job

* Use go get

* Fix typo

* Name lint instead of verify

* Read the config

* Use debug tag

* Tweaks
2020-09-27 14:28:25 +01:00
Arceliar
7a314afb31 check if an error was returned by Core._init and return it if so 2020-03-31 18:14:20 -05:00
Neil Alexander
e7228c7ae4
Merge pull request #666 from jcgruenhage/ansible-genkeys-progress-bar
add a progress bar to the ansible key generator
2020-03-25 20:55:15 +00:00
Jan Christian Grünhage
30bfa04c47 add a progress bar to the ansible key generator 2020-03-23 23:26:41 +01:00
Rany
c1816ae86f
Update usr.bin.yggdrasil 2020-03-10 16:47:41 +02:00
Neil Alexander
d160eccab0
Hopefully really actually fix it this time 2020-02-21 19:32:36 +00:00
Neil Alexander
7d590e31b0
Include yggdrasil-default-config.service 2020-02-21 19:14:40 +00:00
William Fleurant
a2adcbd7e4 docker: build and copy genkeys 2020-01-05 15:26:08 -05:00
Neil Alexander
4b16c325a3
Merge pull request #607 from Arano-kai/feature/systemd_modular_unit
Systemd: move config generation to a separate unit
2019-12-10 12:02:46 +00:00
Neil Alexander
1a1e32c411
Fix syntax error in build-msi.sh 2019-12-10 11:40:16 +00:00
Neil Alexander
4762edc2b3
Package display name 2019-12-10 11:38:58 +00:00
Neil Alexander
6f927b0613
Reverse upgrade condition 2019-12-10 11:33:52 +00:00
Neil Alexander
3e388cd7f9
Try to avoid breaking Wintun during upgrades 2019-12-10 11:27:49 +00:00
Neil Alexander
152f5838f8
Update metadata 2019-12-10 11:17:15 +00:00
Neil Alexander
1d41199501
Move Wintun to separate feature 2019-12-10 10:55:20 +00:00
Neil Alexander
bf5d5b2269
Rename service from 'yggdrasil' to 'Yggdrasil' 2019-12-04 09:29:30 +00:00
Neil Alexander
16e55992b6
Move yggdrasil.conf to ALLUSERSPROFILE 2019-11-29 11:06:08 +00:00
Neil Alexander
c17c4af26d
Don't normalise on upgrade 2019-11-28 13:08:56 +00:00
Neil Alexander
3f29a2ff05
Some comments 2019-11-28 13:00:52 +00:00
Neil Alexander
3734a73d6f
Don't impersonate user for updateconfig.bat 2019-11-28 11:16:36 +00:00
Neil Alexander
42d4a51765
Set output logging 2019-11-28 10:56:22 +00:00
Neil Alexander
724446bb04
Defer updateconfig 2019-11-28 10:42:57 +00:00
Neil Alexander
e64d661ab0
Fix update action 2019-11-28 10:19:47 +00:00
Neil Alexander
a673625e82
Configure service with -useconffile 2019-11-28 10:08:01 +00:00
Neil Alexander
b88a623a9f
Handle pull request branch 2019-11-28 09:56:14 +00:00
Neil Alexander
41a2e731eb
More MSI updates (#622)
* Try embedding config script

* Update config when installing

* Don't update config on uninstall
2019-11-28 09:52:14 +00:00
Neil Alexander
e1b0d0f20c
Appveyor MSI builds for Windows (#621)
* Try appveyor for MSI (not finished)

* build-msi.sh

* Don't shallow clone

* Don't set clone depth

* Build Yggdrasil for each arch

* Try to get rest of branches

* Allow upgrades (hopefully)

* Try using MajorUpgrade

* AllowDowngrades

* Try harder to build x86 :-)

* Bugfix

* Bugfix

* AllowSameVersionUpgrades

* AllowSameVersionUpgrades

* Generate new GUID for each build (might fix upgrades)
2019-11-28 00:35:29 +00:00
Arceliar
38c54efd73
Update yggdrasil.service 2019-11-24 22:54:30 -06:00
Arano-kai
7068160b20 Systemd: move config generation to a separate unit
- Modular unit composition: different tasks in separate units
- Use systemd tool set to run checks
- Avoid using inline shell in unit
2019-11-14 16:52:04 +02:00
Arano-kai
74d824302b FIX: Systemd: typo in directive 2019-10-29 16:36:03 +02:00
Neil Alexander
b0bcf29d27
Allow ExecStartPre to fail for containers (#573) 2019-10-23 11:15:57 +01:00
Arano-kai
045a24d74e Systemd: tun module and capabilities
- Enable (and limit to) capabilities that require to setup tun/tap interface.
- Ensure that tun module is active.
2019-10-02 00:36:33 +03:00
Neil Alexander
6ead31fb87
Remove RPM spec from contrib as it is now in yggdrasil-network/yggdrasil-package-rpm 2019-09-27 09:44:55 +01:00
Neil Alexander
d6ee20580d
Set TimeoutStopSec for systemd service 2019-09-27 09:37:34 +01:00
Neil Alexander
d44a7faa04
semver: Don't return failure codes when git history is not present 2019-09-18 20:09:53 +01:00
Neil Alexander
5b09b45572
Merge pull request #416 from fifteenthcommotion/yggdrasil-brute-simple
contribute decently fast yggdrasil address generator in C
2019-05-18 12:28:49 +01:00
fifteenthcommotion
080052ce04 remove ygg-brute gitignore 2019-05-18 04:25:57 -07:00
fifteenthcommotion
5bed78c7a7 add CC0 for good measure 2019-05-12 12:40:45 -07:00
fifteenthcommotion
db85a11194 unlicense and spacing perfectionism 2019-05-12 02:18:03 -07:00
fifteenthcommotion
5a3c730097 contribute decently fast yggdrasil address generator in C 2019-05-11 16:31:46 -07:00
Colin Reeder
2465ad0384
Add armel to PKGARCH usage list 2019-04-07 16:14:58 -06:00
Colin Reeder
b5e3b05e77 Add armel support to deb script 2019-04-07 13:07:26 -06:00
Viktor Villainov
f5c6c191ea AppArmor: multiarch support and allow datagram transports 2019-03-09 22:34:26 -05:00
Viktor Villainov
00ad8e594e Add AppArmor profile 2019-03-09 08:15:14 -05:00
William Wennerström
f4ccbe6c94
contrib/busybox-init: add reload and use -useconffile
+ Added reload command.
+ Use -useconffile instead, as it's required for reloading.
2019-03-06 11:30:49 +01:00
William Wennerström
76dd1f6345
contrib/openrc: I like symmetry 2019-03-05 22:27:51 +01:00
William Wennerström
1097c1c0c9
contrib/openrc: add reload command 2019-03-05 20:50:24 +01:00
William Wennerström
26a952aa6c
contrib/openrc: add init file for OpenRC 2019-03-05 20:35:02 +01:00
Neil Alexander
ddd1ac4606
Fix launchd file for macOS to use -useconffile 2019-03-04 08:44:25 +00:00
Neil Alexander
857a33c91b
Revert "Simplifying Dockerfile" 2019-03-02 15:26:55 +00:00
Neil Alexander
46a5c7cccf
Merge pull request #333 from cwinfo/develop
Simplifying Dockerfile
2019-03-02 10:39:39 +00:00
William Wennerstr?m
ef77822897
contrib/busybox-init: add init.d script for busybox init 2019-03-01 17:26:07 +01:00
Neil Alexander
24cf4b9d2b
Add ExecReload for SIGHUP 2019-02-18 22:31:34 +00:00
Christer Warén
2b70f967a8
Merge pull request #14 from cwinfo/new-docker-solution
New-Docker-Solution to Branch Develop
2019-02-11 16:54:45 +02:00
Christer Warén
c2561c90c7
Update Dockerfile
Making easier to install and update, because dont have to download Github repository manually.
2019-02-11 16:50:22 +02:00
Neil Alexander
fe09c234bc
Fix Debian generate.sh 2019-02-10 12:29:04 +00:00
Neil Alexander
9f7609817e
Remove yggdrasil-resume.service from systemd contrib and Debian package 2019-02-10 12:22:39 +00:00
Christer Warén
462af89600
Merge pull request #12 from cwinfo/develop
Branch Develop to New-Docker-Solution
2019-02-04 15:25:37 +02:00
Christer Warén
901333cc99
Update Dockerfile 2019-01-30 13:12:46 +02:00
Arceliar
6ef0e47632 fix merge conflict 2019-01-26 14:27:37 -06:00
Jan Christian Grünhage
2baedc9bcc make ansible key generator a tiny bit faster 2019-01-25 21:28:22 +01:00
Arceliar
c8e1be0f73 link/stream refactoring bugfixes and gofmt 2019-01-19 16:37:45 -06:00
Jan Christian Grünhage
21306532c1
update ansible key generator
It's probably easier to use without it having an ansible folder prefix, if people want to put it into a different dir then they should change their workdir. Apart from that, this fixes a bug where I defined yggdrasil_signing_public_key twice, but never the private key.
2019-01-15 16:48:25 +01:00
Jan Christian Grünhage
88cf6b7684 add ansible key generator 2019-01-15 02:28:27 +01:00
Neil Alexander
8119db10c7
Merge pull request #302 from neilalexander/logo
Logo proposal
2019-01-08 22:17:09 +00:00
Neil Alexander
e6e7f9377f
Move --count parameter 2018-12-27 21:45:30 +00:00
Neil Alexander
8c7b9e2f90
Add a null check to name.sh 2018-12-27 21:44:29 +00:00
Neil Alexander
6fcd8a8dbd
Fix incorrect check 2018-12-27 21:36:50 +00:00
Neil Alexander
7eaee172cf
Replace tests with ifs 2018-12-27 21:22:46 +00:00
Neil Alexander
57894541b7
Check string emptiness 2018-12-27 21:14:23 +00:00
Neil Alexander
e6a246f040
Chop up contrib/semver/version.sh 2018-12-27 20:03:46 +00:00
Neil Alexander
b4a7dab34d
Versioning be damned 2018-12-26 23:50:17 +00:00
darkdrgn2k
f91fb1045c
Downgraded all armhf builds to v6 2018-12-18 12:28:15 -05:00
darkdrgn2k
ace9568981
Added compile support for Arm v6
Support for older raspberry pis and Pi Zero
2018-12-18 11:36:15 -05:00
Neil Alexander
09ea9a166f
More tweaks to semver 2018-12-18 12:14:47 +00:00
Neil Alexander
3ea33c9fa7
Fix build tags maybe? 2018-12-18 12:03:23 +00:00
Neil Alexander
bfdb079b79
Append suffix to master releaser releases if they are not the first merge (package revisions) 2018-12-18 11:52:22 +00:00
Neil Alexander
429d014d1c
Fix addgroup/groupadd 2018-12-18 11:16:27 +00:00
Neil Alexander
a22da8009f
Hopefully fix semver versioning breakage caused by non-master merge commits 2018-12-17 22:07:28 +00:00
Neil Alexander
0a9b34d121
Revert "Merge pull request #259 from neilalexander/semver"
This reverts commit 51b3746df6, reversing
changes made to 6e87791e50.
2018-12-17 19:17:29 +00:00
Christer Warén
fb1d639f6d
Merge pull request #5 from cwinfo/develop
Branch Develop: Branch to Patch
2018-12-17 15:32:29 +02:00
Christer Warén
712ec7d3fb
Update Dockerfile
ENV CGO_ENABLED=0
2018-12-17 15:28:45 +02:00
Neil Alexander
b20c3538b7
Point hjson to master repo following comments merge 2018-12-17 10:50:57 +00:00
Neil Alexander
0ee74a4efd
Update semver 2018-12-17 10:34:26 +00:00
Neil Alexander
e1c7983752
Update debian package to fix systemd disabling (not good for remote systems) and add group yggdrasil for admin socket/conf 2018-12-14 14:25:26 +00:00
Neil Alexander
73ed563dde
Update debian package behavior
It now won't enable itself automatically on install and it will
only start Yggdrasil if enabled in systemd. It also won't break
during install on systems where systemd is not present.
2018-12-12 20:29:56 +00:00
Neil Alexander
08ad163dfe
Add starting point for an RPM spec file 2018-12-09 23:10:12 +00:00
Neil Alexander
3b2044666d
Fix bug in semver version.sh 2018-12-08 11:31:20 +00:00
Neil Alexander
f2d01aa54d
Use bare version in deb/macos packages instead of cut 2018-12-08 10:54:47 +00:00
Neil Alexander
9d0b8ac6f4
Strip v from version during imprint 2018-12-08 10:51:31 +00:00
Neil Alexander
5315bc25c5
Return 1 instead of -1 from semver/deb 2018-12-08 10:33:33 +00:00
Neil Alexander
2da3ef420c
Update documentation, remove stray .DS_Store file 2018-12-08 10:30:43 +00:00
Arceliar
586781b49c convert to go module 2018-12-07 19:56:04 -06:00
Neil Alexander
4bc009d845
Update semver behaviour 2018-12-07 22:17:09 +00:00
Neil Alexander
d0c2ce90bb
Fix semver when git history is not present 2018-12-07 22:03:57 +00:00
Neil Alexander
4532d0e0c8
Merge pull request #219 from neilalexander/semver
Tag releases in master using CI
2018-12-07 19:38:01 +00:00
Jan Christian Grünhage
9f4fc3669b Reduce container image size 2018-12-04 13:04:42 +01:00
Neil Alexander
8a04cbe3c8
Try to fix CircleCI shell error 2018-12-03 17:49:03 +00:00