Pull request: all: openbsd support

Updates #2439.

Squashed commit of the following:

commit 3ff109e43751132d77500256c8869938680ac281
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Thu Jun 3 20:46:17 2021 +0300

    all: imp code, docs

commit 512ee6d78cfee511f429d09c8366bb7dd8019aa8
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Thu Jun 3 20:06:41 2021 +0300

    all: openbsd support
This commit is contained in:
Ainar Garipov 2021-06-03 21:04:13 +03:00
parent 084564e6b7
commit 3b87478470
13 changed files with 124 additions and 72 deletions

View File

@ -15,6 +15,7 @@ and this project adheres to
### Added
- Experimental OpenBSD support for AMD64 and 64-bit ARM CPUs ([#2439]).
- Support for custom port in DNS-over-HTTPS profiles for Apple's devices
([#3172]).
- `darwin/arm64` support ([#2443]).
@ -52,6 +53,7 @@ released by then.
- Go 1.15 support.
[#2439]: https://github.com/AdguardTeam/AdGuardHome/issues/2439
[#2441]: https://github.com/AdguardTeam/AdGuardHome/issues/2441
[#2443]: https://github.com/AdguardTeam/AdGuardHome/issues/2443
[#3136]: https://github.com/AdguardTeam/AdGuardHome/issues/3136

View File

@ -349,6 +349,13 @@ on GitHub and most other Markdown renderers. -->
* `snake_case`, not `camelCase` for variables. `kebab-case` for filenames.
* Start scripts with the following sections in the following order:
1. Shebang.
1. Some initial documentation (optional).
1. Verbosity level parsing (optional).
1. `set` options.
* UPPERCASE names for external exported variables, lowercase for local,
unexported ones.

View File

@ -116,6 +116,7 @@ go-check: go-tools go-lint go-test
go-os-check:
env GOOS='darwin' "$(GO.MACRO)" vet ./internal/...
env GOOS='freebsd' "$(GO.MACRO)" vet ./internal/...
env GOOS='openbsd' "$(GO.MACRO)" vet ./internal/...
env GOOS='linux' "$(GO.MACRO)" vet ./internal/...
env GOOS='windows' "$(GO.MACRO)" vet ./internal/...

View File

@ -289,6 +289,8 @@ curl -s -S -L https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/s
* macOS ARM: [64-bit](https://static.adguard.com/adguardhome/beta/AdGuardHome_darwin_arm64.zip)
* FreeBSD: [64-bit](https://static.adguard.com/adguardhome/beta/AdGuardHome_freebsd_amd64.tar.gz), [32-bit](https://static.adguard.com/adguardhome/beta/AdGuardHome_freebsd_386.tar.gz)
* FreeBSD ARM: [64-bit](https://static.adguard.com/adguardhome/beta/AdGuardHome_freebsd_arm64.tar.gz), [32-bit ARMv5](https://static.adguard.com/adguardhome/beta/AdGuardHome_freebsd_armv5.tar.gz), [32-bit ARMv6](https://static.adguard.com/adguardhome/beta/AdGuardHome_freebsd_armv6.tar.gz), [32-bit ARMv7](https://static.adguard.com/adguardhome/beta/AdGuardHome_freebsd_armv7.tar.gz)
* OpenBSD: (coming soon)
* OpenBSD ARM: (coming soon)
* Edge channel builds
* Linux: [64-bit](https://static.adguard.com/adguardhome/edge/AdGuardHome_linux_amd64.tar.gz), [32-bit](https://static.adguard.com/adguardhome/edge/AdGuardHome_linux_386.tar.gz)
@ -299,6 +301,8 @@ curl -s -S -L https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/s
* macOS ARM: [64-bit](https://static.adguard.com/adguardhome/edge/AdGuardHome_darwin_arm64.zip)
* FreeBSD: [64-bit](https://static.adguard.com/adguardhome/edge/AdGuardHome_freebsd_amd64.tar.gz), [32-bit](https://static.adguard.com/adguardhome/edge/AdGuardHome_freebsd_386.tar.gz)
* FreeBSD ARM: [64-bit](https://static.adguard.com/adguardhome/edge/AdGuardHome_freebsd_arm64.tar.gz), [32-bit ARMv5](https://static.adguard.com/adguardhome/edge/AdGuardHome_freebsd_armv5.tar.gz), [32-bit ARMv6](https://static.adguard.com/adguardhome/edge/AdGuardHome_freebsd_armv6.tar.gz), [32-bit ARMv7](https://static.adguard.com/adguardhome/edge/AdGuardHome_freebsd_armv7.tar.gz)
* OpenBSD: [64-bit (experimental)](https://static.adguard.com/adguardhome/edge/AdGuardHome_openbsd_amd64.tar.gz)
* OpenBSD ARM: [64-bit (experimental)](https://static.adguard.com/adguardhome/edge/AdGuardHome_openbsd_arm64.tar.gz)
<a id="reporting-issues"></a>

View File

@ -5,18 +5,28 @@ import (
"fmt"
"os/exec"
"syscall"
"github.com/AdguardTeam/golibs/errors"
)
// ErrUnsupported is returned when the functionality is unsupported on the
// current operating system.
//
// TODO(a.garipov): Make a structured error and use it everywhere instead of
// a bunch of fmt.Errorf and all that.
const ErrUnsupported errors.Error = "unsupported"
// CanBindPrivilegedPorts checks if current process can bind to privileged
// ports.
func CanBindPrivilegedPorts() (can bool, err error) {
return canBindPrivilegedPorts()
}
// SetRlimit sets user-specified limit of how many fd's we can use
// https://github.com/AdguardTeam/AdGuardHome/internal/issues/659.
func SetRlimit(val uint) {
setRlimit(val)
// SetRlimit sets user-specified limit of how many fd's we can use.
//
// See https://github.com/AdguardTeam/AdGuardHome/internal/issues/659.
func SetRlimit(val uint64) (err error) {
return setRlimit(val)
}
// HaveAdminRights checks if the current user has root (administrator) rights.

View File

@ -7,22 +7,18 @@ package aghos
import (
"os"
"syscall"
"github.com/AdguardTeam/golibs/log"
)
func canBindPrivilegedPorts() (can bool, err error) {
return HaveAdminRights()
}
func setRlimit(val uint) {
func setRlimit(val uint64) (err error) {
var rlim syscall.Rlimit
rlim.Max = uint64(val)
rlim.Cur = uint64(val)
err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, &rlim)
if err != nil {
log.Error("Setrlimit() failed: %v", err)
}
rlim.Max = val
rlim.Cur = val
return syscall.Setrlimit(syscall.RLIMIT_NOFILE, &rlim)
}
func haveAdminRights() (bool, error) {

View File

@ -7,22 +7,18 @@ package aghos
import (
"os"
"syscall"
"github.com/AdguardTeam/golibs/log"
)
func canBindPrivilegedPorts() (can bool, err error) {
return HaveAdminRights()
}
func setRlimit(val uint) {
func setRlimit(val uint64) (err error) {
var rlim syscall.Rlimit
rlim.Max = int64(val)
rlim.Cur = int64(val)
err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, &rlim)
if err != nil {
log.Error("Setrlimit() failed: %v", err)
}
return syscall.Setrlimit(syscall.RLIMIT_NOFILE, &rlim)
}
func haveAdminRights() (bool, error) {

View File

@ -11,7 +11,6 @@ import (
"strings"
"syscall"
"github.com/AdguardTeam/golibs/log"
"golang.org/x/sys/unix"
)
@ -23,14 +22,12 @@ func canBindPrivilegedPorts() (can bool, err error) {
return cnbs == 1 || adm, err
}
func setRlimit(val uint) {
func setRlimit(val uint64) (err error) {
var rlim syscall.Rlimit
rlim.Max = uint64(val)
rlim.Cur = uint64(val)
err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, &rlim)
if err != nil {
log.Error("Setrlimit() failed: %v", err)
}
rlim.Max = val
rlim.Cur = val
return syscall.Setrlimit(syscall.RLIMIT_NOFILE, &rlim)
}
func haveAdminRights() (bool, error) {

View File

@ -15,7 +15,8 @@ func canBindPrivilegedPorts() (can bool, err error) {
return HaveAdminRights()
}
func setRlimit(val uint) {
func setRlimit(val uint64) (err error) {
return ErrUnsupported
}
func haveAdminRights() (bool, error) {

View File

@ -54,7 +54,7 @@ type configuration struct {
AuthBlockMin uint `yaml:"block_auth_min"`
ProxyURL string `yaml:"http_proxy"` // Proxy address for our HTTP client
Language string `yaml:"language"` // two-letter ISO 639-1 language code
RlimitNoFile uint `yaml:"rlimit_nofile"` // Maximum number of opened fd's per process (0: default)
RlimitNoFile uint64 `yaml:"rlimit_nofile"` // Maximum number of opened fd's per process (0: default)
DebugPProf bool `yaml:"debug_pprof"` // Enable pprof HTTP server on port 6060
// TTL for a web session (in hours)

View File

@ -115,7 +115,15 @@ func Main(clientBuildFS fs.FS) {
}()
if args.serviceControlAction != "" {
// TODO(a.garipov): github.com/kardianos/service doesn't seem to
// support OpenBSD currently. Either patch it to do so or make
// our own implementation of the service.System interface.
if runtime.GOOS == "openbsd" {
log.Fatal("service actions are not supported on openbsd")
}
handleServiceControlAction(args, clientBuildFS)
return
}
@ -175,7 +183,7 @@ func setupContext(args options) {
Context.mux = http.NewServeMux()
}
func setupConfig(args options) {
func setupConfig(args options) (err error) {
config.DHCP.WorkDir = Context.workDir
config.DHCP.HTTPRegister = httpRegister
config.DHCP.ConfigModified = onConfigModified
@ -186,7 +194,7 @@ func setupConfig(args options) {
// now which assume that the DHCP server can be nil despite this
// condition. Inspect them and perhaps rewrite them to use
// Enabled() instead.
log.Fatalf("can't initialize dhcp module")
return fmt.Errorf("initing dhcp: %w", err)
}
Context.updater = updater.NewUpdater(&updater.Config{
@ -208,9 +216,11 @@ func setupConfig(args options) {
Context.clients.Init(config.Clients, Context.dhcpServer, Context.etcHosts)
config.Clients = nil
if (runtime.GOOS == "linux" || runtime.GOOS == "darwin") &&
config.RlimitNoFile != 0 {
aghos.SetRlimit(config.RlimitNoFile)
if config.RlimitNoFile != 0 {
err = aghos.SetRlimit(config.RlimitNoFile)
if err != nil && !errors.Is(err, aghos.ErrUnsupported) {
return fmt.Errorf("setting rlimit: %w", err)
}
}
// override bind host/port from the console
@ -223,6 +233,8 @@ func setupConfig(args options) {
if len(args.pidFile) != 0 && writePIDFile(args.pidFile) {
Context.pidFileName = args.pidFile
}
return nil
}
func initWeb(args options, clientBuildFS fs.FS) (web *Web, err error) {
@ -266,8 +278,16 @@ func initWeb(args options, clientBuildFS fs.FS) (web *Web, err error) {
return web, nil
}
func fatalOnError(err error) {
if err != nil {
log.Fatal(err)
}
}
// run performs configurating and starts AdGuard Home.
func run(args options, clientBuildFS fs.FS) {
var err error
// configure config filename
initConfigFilename(args)
@ -294,14 +314,13 @@ func run(args options, clientBuildFS fs.FS) {
// but also avoid relying on automatic Go init() function
filtering.InitModule()
setupConfig(args)
err = setupConfig(args)
fatalOnError(err)
if !Context.firstRun {
// Save the updated config
err := config.write()
if err != nil {
log.Fatal(err)
}
err = config.write()
fatalOnError(err)
if config.DebugPProf {
mux := http.NewServeMux()
@ -318,7 +337,7 @@ func run(args options, clientBuildFS fs.FS) {
}
}
err := os.MkdirAll(Context.getDataDir(), 0o755)
err = os.MkdirAll(Context.getDataDir(), 0o755)
if err != nil {
log.Fatalf("Cannot create DNS data dir at %s: %s", Context.getDataDir(), err)
}
@ -352,20 +371,14 @@ func run(args options, clientBuildFS fs.FS) {
}
Context.web, err = initWeb(args, clientBuildFS)
if err != nil {
log.Fatal(err)
}
fatalOnError(err)
Context.subnetDetector, err = aghnet.NewSubnetDetector()
if err != nil {
log.Fatal(err)
}
fatalOnError(err)
if !Context.firstRun {
err = initDNSServer()
if err != nil {
log.Fatalf("%s", err)
}
fatalOnError(err)
Context.tls.Start()
Context.etcHosts.Start()
@ -374,7 +387,7 @@ func run(args options, clientBuildFS fs.FS) {
serr := startDNSServer()
if serr != nil {
closeDNSServer()
log.Fatal(serr)
fatalOnError(serr)
}
}()

View File

@ -2,6 +2,10 @@
# AdGuard Home Installation Script
# Exit the script if a pipeline fails (-e), prevent accidental filename
# expansion (-f), and consider undefined variables as errors (-u).
set -e -f -u
# Function log is an echo wrapper that writes to stderr if the caller
# requested verbosity level greater than 0. Otherwise, it does nothing.
log() {
@ -54,7 +58,7 @@ check_required() {
required="curl"
case "$os"
in
('freebsd'|'linux')
('freebsd'|'linux'|'openbsd')
required="$required $required_unix"
;;
('darwin')
@ -63,7 +67,7 @@ check_required() {
(*)
# Generally shouldn't happen, since the OS has already been
# validated.
error_exit "unsupported operating system: $os"
error_exit "unsupported operating system: '$os'"
;;
esac
@ -173,14 +177,17 @@ set_os() {
os="$( uname -s )"
case "$os"
in
('Linux')
os='linux'
('Darwin')
os='darwin'
;;
('FreeBSD')
os='freebsd'
;;
('Darwin')
os='darwin'
('Linux')
os='linux'
;;
('OpenBSD')
os='openbsd'
;;
esac
fi
@ -188,7 +195,7 @@ set_os() {
# Validate.
case "$os"
in
('darwin'|'freebsd'|'linux')
('darwin'|'freebsd'|'linux'|'openbsd')
# All right, go on.
;;
(*)
@ -310,12 +317,30 @@ fix_freebsd() {
fi
}
# Function set_sudo_cmd sets the appropriate command to run a command under
# superuser privileges.
set_sudo_cmd() {
case "$os"
in
('openbsd')
sudo_cmd='doas'
;;
('darwin'|'freebsd'|'linux')
# Go on and use the default, sudo.
;;
(*)
error_exit "unsupported operating system: '$os'"
;;
esac
}
# Function configure sets the script's configuration.
configure() {
set_channel
set_os
set_cpu
fix_darwin
set_sudo_cmd
check_out_dir
pkg_name="AdGuardHome_${os}_${cpu}.${pkg_ext}"
@ -335,8 +360,7 @@ is_root() {
return 0
fi
# TODO(a.garipov): On OpenBSD, use doas.
if is_command sudo
if is_command "$sudo_cmd"
then
log 'note that AdGuard Home requires root privileges to install using this script'
@ -358,24 +382,25 @@ rerun_with_root() {
'https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh'
readonly script_url
flags=''
r='-R'
if [ "$reinstall" -eq '1' ]
then
flags="${flags} -r"
r='-r'
fi
u='-U'
if [ "$uninstall" -eq '1' ]
then
flags="${flags} -u"
u='-u'
fi
v='-V'
if [ "$verbose" -eq '1' ]
then
flags="${flags} -v"
v='-v'
fi
opts="-c $channel -C $cpu -O $os -o $out_dir $flags"
readonly opts
readonly r u v
log 'restarting with root privileges'
@ -384,7 +409,7 @@ rerun_with_root() {
# following shell to execute to prevent it from getting an empty input
# and exiting with a zero code in that case.
{ curl -L -S -s "$script_url" || echo 'exit 1'; }\
| sudo sh -s -- $opts
| $sudo_cmd sh -s -- -c "$channel" -C "$cpu" -O "$os" -o "$out_dir" "$r" "$u" "$v"
# Exit the script. Since if the code of the previous pipeline is
# non-zero, the execution won't reach this point thanks to set -e, exit
@ -504,10 +529,6 @@ install_service() {
# Entrypoint
# Exit the script if a pipeline fails (-e), prevent accidental filename
# expansion (-f), and consider undefined variables as errors (-u).
set -e -f -u
# Set default values of configuration variables.
channel='release'
reinstall='0'
@ -517,6 +538,8 @@ cpu=''
os=''
out_dir='/opt'
pkg_ext='tar.gz'
sudo_cmd='sudo'
parse_opts "$@"
echo 'starting AdGuard Home installation script'
@ -541,4 +564,4 @@ install_service
echo "\
AdGuard Home is now installed and running
you can control the service status with the following commands:
sudo ${agh_dir}/AdGuardHome -s start|stop|restart|status|install|uninstall"
$sudo_cmd ${agh_dir}/AdGuardHome -s start|stop|restart|status|install|uninstall"

View File

@ -156,6 +156,8 @@ linux mips64 0 softfloat 0
linux mips64le 0 softfloat 0
linux mipsle 0 softfloat 0
linux ppc64le 0 0 0
openbsd amd64 0 0 0
openbsd arm64 0 0 0
windows 386 0 0 0
windows amd64 0 0 0"
readonly platforms