GitHub/deck-tailscale
1
0
Fork 0
mirror of https://github.com/tailscale-dev/deck-tailscale.git synced 2025-10-23 07:58:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #15 from diericx/overhaul

Browse Source 
Install without using systemd-sysext
This commit is contained in:
Duncan
2023-12-21 11:47:16 -05:00
committed by GitHub
parent f14589863b 4decd0d076
commit d2631a198e
4 changed files with 89 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
override.conf
View File

@@ -1,2 +1,7 @@
[Service] [Service]
ExtensionDirectories=/var/lib/extensions/tailscale ExecStartPre=
ExecStartPre=/opt/tailscale/tailscaled --cleanup
ExecStart=
ExecStart=/opt/tailscale/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock --port=${PORT} $FLAGS
ExecStopPost=
ExecStopPost=/opt/tailscale/tailscaled --cleanup

56
readme.md
View File

@@ -9,7 +9,8 @@ automatically on boot (no need to enter desktop mode).
1. Clone this repo to your Deck. 1. Clone this repo to your Deck.
2. Run `sudo bash tailscale.sh` to install Tailscale (or update the existing 2. Run `sudo bash tailscale.sh` to install Tailscale (or update the existing
installation). installation).
3. Run `sudo tailscale up --qr --operator=deck --ssh` to have Tailscale generate 3. Run `source /etc/profile.d/tailscale.sh` to put the binaries in your path
4. Run `sudo tailscale up --qr --operator=deck --ssh` to have Tailscale generate
a login QR code. Scan the code with your phone and authenticate with a login QR code. Scan the code with your phone and authenticate with
Tailscale to bring your Deck onto your network. Tailscale to bring your Deck onto your network.
@@ -29,48 +30,9 @@ If it doesn't, keep reading.
2. Run `sudo bash tailscale.sh` again. 2. Run `sudo bash tailscale.sh` again.
This process overwrites the existing binaries and service file, so it's not This process overwrites the existing binaries and service file, so it's not
recommended to tweak those files directly. The configuration files at recommended to tweak those files directly. The configuration file at
`/etc/default/tailscaled` and `/etc/default/tailscaled` is left alone. The configuration file at
`/etc/systemd/system/tailscaled.service.d/override.conf` are left alone, so feel `/etc/systemd/system/tailscaled.service.d/override.conf` is reset every time this script is run to ensure the path to the binary is correct, but the preexisting file will be backed up in that directory as `override.conf.bak`. If something goes wrong, copy those files somewhere else and re-run the install script to get back to a working state.
free to edit those. If something goes wrong, copy those files somewhere else and
re-run the install script to get back to a working state.
## Changing the root filesystem after installing Tailscale
This method for installing Tailscale uses
[`systemd` system extensions](https://man.archlinux.org/man/systemd-sysext.8.en)
to install files in the otherwise read-only Steam Deck filesystem. A side-effect
is that the `/usr` and `/opt` directories (and directories like `/bin`, `/lib`,
`/lib64`, `/mnt`, and `/sbin`, that typically link to `/usr` due to
[`/usr` merge](https://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge/)
which SteamOS implements) are read-only while system extensions are active,
_even after running `steamos-readonly disable`_.
If you need to modify files in these directories after installing Tailscale, run
the following commands:
```bash
$ systemd-sysext unmerge
$ steamos-readonly disable
[ make your changes to the rootfs now ]
$ steamos-readonly enable
$ systemd-sysext merge
```
## On system update
Unfortunately, because SteamOS doesn't include a `SYSEXT_LEVEL`, this
installation method breaks when the system version changes. Repair is simple:
Re-run the second step of the installation, and everything should come back up
as you had it.
### Why this happens
Extension images have to declare their compatibility using the OS ID and either
the SYSEXT_LEVEL or VERSION_ID, which have to match what the system declares.
SteamOS doesn't declare a SYSEXT_LEVEL, and the VERSION_ID increments with every
system update, so there's no stable values to declare compatibility against.
## Common issues ## Common issues
@@ -82,10 +44,6 @@ Resolution: Delete `/etc/default/tailscaled` and re-run installer script.
## How it works ## How it works
It uses the same system extension method as the official guide, but we put the The Tailscale binaries `tailscale` and `tailscaled` are installed in `/opt/tailscale/`. The Tailscale systemd unit file is installed at `/etc/systemd/system/tailscale.service`. The override file to reconfigure the services `Exec` commands is installed at `/etc/systemd/system/tailscaled.service.d/override.conf`. The defaults file for the variables `PORT` and `FLAGS` is installed at `/etc/default/tailscaled`
`tailscaled.service` file directly in `/etc/systemd/system/` because it's
actually safe to put things there. Changes in `/etc/` are preserved in
`/var/lib/overlays/etc/upper/` via an overlayfs, meaning that they survive
updates.
[official-guide]: https://tailscale.com/blog/steam-deck/ The service is then started and enabled via `systemctl`.

107
tailscale.sh
View File

@@ -1,8 +1,5 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# make system configuration vars available
source /etc/os-release
# set invocation settings for this script: # set invocation settings for this script:
# -e: Exit immediately if a command exits with a non-zero status. # -e: Exit immediately if a command exits with a non-zero status.
# -u: Treat unset variables as an error when substituting. # -u: Treat unset variables as an error when substituting.
@@ -31,6 +28,25 @@ curl -s "https://pkgs.tailscale.com/stable/${tarball}" -o tailscale.tgz
echo "done." echo "done."
echo -n "Removing Legacy Installations..."
# Stop and disable the systemd service
if systemctl is-active --quiet tailscaled; then
systemctl stop tailscaled &>/dev/null || echo "ERROR: could not stop tailscaled"
fi
if systemctl is-enabled --quiet tailscaled; then
systemctl disable tailscaled &>/dev/null || echo "ERROR: could not disable tailscaled"
fi
# Remove the systemd system extension
if [ $(systemd-sysext list 2>/dev/null | grep -c "/var/lib/extensions/tailscale") -ne 0 ]; then
systemd-sysext unmerge &>/dev/null || echo "ERROR: could not unmerge system extensions"
rm -rf /var/lib/extensions/tailscale
systemd-sysext merge &>/dev/null || echo "ERROR: could not merge system extensions"
fi
echo "done."
echo -n "Installing..." echo -n "Installing..."
# extract the tailscale binaries # extract the tailscale binaries
@@ -38,23 +54,21 @@ tar xzf tailscale.tgz
tar_dir="$(echo ${tarball} | cut -d. -f1-3)" tar_dir="$(echo ${tarball} | cut -d. -f1-3)"
test -d $tar_dir test -d $tar_dir
# create our target directory structure # Create binaries directory in home
mkdir -p tailscale/usr/{bin,sbin,lib/{systemd/system,extension-release.d}} mkdir -p /opt/tailscale
# pull things into the right place in the target dir structure # pull binaries
cp -rf $tar_dir/tailscale tailscale/usr/bin/tailscale cp -rf $tar_dir/tailscale /opt/tailscale/tailscale
cp -rf $tar_dir/tailscaled tailscale/usr/sbin/tailscaled cp -rf $tar_dir/tailscaled /opt/tailscale/tailscaled
# write a systemd extension-release file # add binaries to path via profile.d
echo -e "ID=steamos\nVERSION_ID=${VERSION_ID}" >> tailscale/usr/lib/extension-release.d/extension-release.tailscale if ! test -f /etc/profile.d/tailscale.sh; then
echo 'PATH="$PATH:/opt/tailscale"' >> /etc/profile.d/tailscale.sh
source /etc/profile.d/tailscale.sh
fi
# create the system extension folder if it doesn't already exist, remove the old version of our tailscale extension, and install our new one # copy the systemd file into place
mkdir -p /var/lib/extensions cp -rf $tar_dir/systemd/tailscaled.service /etc/systemd/system/tailscaled.service
rm -rf /var/lib/extensions/tailscale
cp -rf tailscale /var/lib/extensions/
# copy the systemd files into place
cp -rf $tar_dir/systemd/tailscaled.service /etc/systemd/system
# copy in the defaults file if it doesn't already exist # copy in the defaults file if it doesn't already exist
if ! test -f /etc/default/tailscaled; then if ! test -f /etc/default/tailscaled; then
@@ -65,33 +79,52 @@ fi
popd > /dev/null popd > /dev/null
rm -rf "${dir}" rm -rf "${dir}"
# copy in our overrides file if it doesn't already exist # if an override file already exists, back up and remove
if ! test -f /etc/systemd/system/tailscaled.service.d/override.conf; then if test -f /etc/systemd/system/tailscaled.service.d/override.conf; then
mkdir -p /etc/systemd/system/tailscaled.service.d echo
cp -rf override.conf /etc/systemd/system/tailscaled.service.d/override.conf echo
echo "Warning: An existing Tailscaled systemd override file was detected. It must be replaced."
echo "A backup of the existing file is being placed at /etc/systemd/system/tailscaled.service.d/override.conf.bak"
echo
cp -f /etc/systemd/system/tailscaled.service.d/override.conf /etc/systemd/system/tailscaled.service.d/override.conf.bak
rm /etc/systemd/system/tailscaled.service.d/override.conf
fi fi
# copy our override file in
mkdir -p /etc/systemd/system/tailscaled.service.d
cp -f override.conf /etc/systemd/system/tailscaled.service.d/override.conf
# capture the above override file in systemd
systemctl daemon-reload
echo "done." echo "done."
echo "Starting required services..." echo -n "Starting required services..."
# systemd-sysext - manages system extensions
if systemctl is-enabled --quiet systemd-sysext && systemctl is-active --quiet systemd-sysext; then
echo "systemd-sysext is already enabled and active"
else
systemctl enable systemd-sysext --now # this should be all we need in every case, but something breaks if it's already enabled/running.
fi
systemd-sysext refresh > /dev/null 2>&1
echo "Done."
# tailscaled - the tailscale daemon # tailscaled - the tailscale daemon
systemctl enable tailscaled # Note: enable and start/restart must be run because the legacy installation stops and disables
# any existing installations.
systemctl enable tailscaled &>/dev/null || echo "ERROR: Could not enable tailscaled service"
if systemctl is-active --quiet tailscaled; then if systemctl is-active --quiet tailscaled; then
echo "Upgrade complete. Restarting tailscaled..." echo "Upgrade complete."
echo -n "Restarting tailscaled..."
else else
echo "Install complete. Starting tailscaled..." echo "Install complete."
echo -n "Starting tailscaled..."
fi fi
systemctl restart tailscaled # This needs to be the last thing we do in case the user's running this over Tailscale SSH.
echo "Done." # This needs to be the last thing we do in case the user's running this over Tailscale SSH.
systemctl restart tailscaled &>/dev/null || echo "ERROR: Could not start tailscaled service"
echo "done."
if ! command -v tailscale &> /dev/null; then
echo
echo "Tailscale is installed and running but the binaries are not in your path yet."
echo "Restart your session or run the following command to add them:"
echo
echo "source /etc/profile.d/tailscale.sh"
echo
fi
echo "Installation Complete."

6
uninstall.sh Normal file
View File

@@ -0,0 +1,6 @@
systemctl stop tailscaled
systemctl disable tailscaled
rm /etc/systemd/system/tailscaled.service
rm /etc/default/tailscaled
rm /etc/profile.d/tailscale.sh
rm -rf /opt/tailscale/tailscale