From 1bdba3601ae2de9a6c938c487823725a6c82bcb8 Mon Sep 17 00:00:00 2001 From: Thomas Eizinger Date: Mon, 19 May 2025 19:52:06 +1000 Subject: [PATCH] feat(gui-client): rename IPC service to Tunnel service (#9154) The name IPC service is not very descriptive. By nature of being separate processes, we need to use IPC to communicate between them. The important thing is that the service process has control over the tunnel. Therefore, we rename everything to "Tunnel service". The only part that is not changed are historic changelog entries. Resolves: #9048 --- rust/bin-shared/src/device_id.rs | 4 +- rust/bin-shared/src/dns_control.rs | 2 +- rust/bin-shared/src/known_dirs.rs | 12 ++-- rust/bin-shared/src/known_dirs/linux.rs | 6 +- rust/bin-shared/src/known_dirs/macos.rs | 4 +- rust/bin-shared/src/known_dirs/windows.rs | 6 +- rust/client-shared/src/callbacks.rs | 2 +- rust/gui-client/build.sh | 12 ++-- rust/gui-client/docs/manual_testing.md | 8 +-- ...service => firezone-client-tunnel.service} | 6 +- rust/gui-client/src-tauri/deb_files/postinst | 4 +- rust/gui-client/src-tauri/deb_files/preinst | 10 ++++ rust/gui-client/src-tauri/deb_files/prerm | 2 +- .../rpm_files/firezone-gui-client.spec | 23 ++++--- ...lient-ipc.rs => firezone-client-tunnel.rs} | 4 +- .../src-tauri/src/bin/firezone-gui-client.rs | 6 +- rust/gui-client/src-tauri/src/clear_logs.rs | 2 +- rust/gui-client/src-tauri/src/controller.rs | 6 +- rust/gui-client/src-tauri/src/deep_link.rs | 2 +- rust/gui-client/src-tauri/src/elevation.rs | 2 +- .../src-tauri/src/gui/system_tray.rs | 2 +- rust/gui-client/src-tauri/src/ipc.rs | 4 +- rust/gui-client/src-tauri/src/ipc/linux.rs | 4 +- rust/gui-client/src-tauri/src/ipc/windows.rs | 2 +- rust/gui-client/src-tauri/src/lib.rs | 4 +- rust/gui-client/src-tauri/src/logging.rs | 27 +++++---- rust/gui-client/src-tauri/src/service.rs | 24 ++++---- .../gui-client/src-tauri/src/service/linux.rs | 8 +-- .../gui-client/src-tauri/src/service/macos.rs | 2 +- .../src-tauri/src/service/windows.rs | 19 +++--- rust/gui-client/src-tauri/tauri.conf.json | 6 +- .../src-tauri/tauri.windows.conf.json | 2 +- rust/gui-client/src-tauri/win_files/main.wxs | 11 ++++ .../src-tauri/win_files/service.wxs | 60 ++++++++++++++----- rust/headless-client/src/main.rs | 4 +- rust/headless-client/src/windows.rs | 4 +- rust/tests/gui-smoke-test/src/main.rs | 28 ++++----- scripts/tests/gui-client-install-linux-deb.sh | 6 +- .../tests/gui-client-install-windows-msi.sh | 4 +- scripts/tests/linux-group.sh | 6 +- website/src/app/kb/administer/logs/readme.mdx | 2 +- .../client-apps/linux-gui-client/readme.mdx | 14 ++--- .../client-apps/windows-gui-client/readme.mdx | 8 +-- website/src/components/Changelog/GUI.tsx | 12 ++++ 44 files changed, 232 insertions(+), 154 deletions(-) rename rust/gui-client/src-tauri/deb_files/{firezone-client-ipc.service => firezone-client-tunnel.service} (90%) create mode 100755 rust/gui-client/src-tauri/deb_files/preinst rename rust/gui-client/src-tauri/src/bin/{firezone-client-ipc.rs => firezone-client-tunnel.rs} (96%) diff --git a/rust/bin-shared/src/device_id.rs b/rust/bin-shared/src/device_id.rs index ee9e488fa..ae18c2cd3 100644 --- a/rust/bin-shared/src/device_id.rs +++ b/rust/bin-shared/src/device_id.rs @@ -17,7 +17,7 @@ pub struct DeviceId { /// e.g. `C:\ProgramData\dev.firezone.client/firezone-id.json` or /// `/var/lib/dev.firezone.client/config/firezone-id.json`. pub(crate) fn path() -> Result { - let path = crate::known_dirs::ipc_service_config() + let path = crate::known_dirs::tunnel_service_config() .context("Failed to compute path for firezone-id file")? .join("firezone-id.json"); Ok(path) @@ -53,7 +53,7 @@ pub fn get_or_create() -> Result { fs::create_dir_all(dir).context("Failed to create dir for firezone-id")?; set_dir_permissions(dir).with_context(|| { format!( - "Couldn't set permissions on IPC service config dir `{}`", + "Couldn't set permissions on Tunnel service config dir `{}`", dir.display() ) })?; diff --git a/rust/bin-shared/src/dns_control.rs b/rust/bin-shared/src/dns_control.rs index 9e2be422f..ec1e422dc 100644 --- a/rust/bin-shared/src/dns_control.rs +++ b/rust/bin-shared/src/dns_control.rs @@ -50,7 +50,7 @@ impl DnsController { } } -// TODO: Move DNS and network change listening to the IPC service, so this won't +// TODO: Move DNS and network change listening to the Tunnel service, so this won't // need to be public. pub fn system_resolvers_for_gui() -> Result> { system_resolvers(DnsControlMethod::default()) diff --git a/rust/bin-shared/src/known_dirs.rs b/rust/bin-shared/src/known_dirs.rs index 42f6cd672..a49bd9b4b 100644 --- a/rust/bin-shared/src/known_dirs.rs +++ b/rust/bin-shared/src/known_dirs.rs @@ -10,7 +10,7 @@ use anyhow::{Context as _, Result}; use std::path::PathBuf; -pub use platform::{ipc_service_config, ipc_service_logs, logs, runtime, session, settings}; +pub use platform::{logs, runtime, session, settings, tunnel_service_config, tunnel_service_logs}; #[cfg(target_os = "linux")] #[path = "known_dirs/linux.rs"] @@ -24,9 +24,9 @@ pub mod platform; #[path = "known_dirs/windows.rs"] pub mod platform; -pub fn ipc_log_filter() -> Result { - Ok(ipc_service_config() - .context("Failed to compute `ipc_service_config` directory")? +pub fn tunnel_log_filter() -> Result { + Ok(tunnel_service_config() + .context("Failed to compute `tunnel_service_config` directory")? .join("log-filter")) } @@ -37,8 +37,8 @@ mod tests { #[test] fn smoke() { for dir in [ - ipc_service_config(), - ipc_service_logs(), + tunnel_service_config(), + tunnel_service_logs(), logs(), runtime(), session(), diff --git a/rust/bin-shared/src/known_dirs/linux.rs b/rust/bin-shared/src/known_dirs/linux.rs index c773bcee9..623e68d63 100644 --- a/rust/bin-shared/src/known_dirs/linux.rs +++ b/rust/bin-shared/src/known_dirs/linux.rs @@ -1,7 +1,7 @@ use crate::BUNDLE_ID; use std::path::PathBuf; -/// Path for IPC service config that the IPC service can write +/// Path for Tunnel service config that the Tunnel service can write /// /// All writes should use `atomicwrites`. /// @@ -15,12 +15,12 @@ use std::path::PathBuf; /// /// `config` to match how Windows has `config` and `data` both under `AppData/Local/$BUNDLE_ID` #[expect(clippy::unnecessary_wraps)] // Signature must match Windows -pub fn ipc_service_config() -> Option { +pub fn tunnel_service_config() -> Option { Some(PathBuf::from("/var/lib").join(BUNDLE_ID).join("config")) } #[expect(clippy::unnecessary_wraps)] // Signature must match Windows -pub fn ipc_service_logs() -> Option { +pub fn tunnel_service_logs() -> Option { // TODO: This is magic, it must match the systemd file Some(PathBuf::from("/var/log").join(BUNDLE_ID)) } diff --git a/rust/bin-shared/src/known_dirs/macos.rs b/rust/bin-shared/src/known_dirs/macos.rs index 91c5169b6..3b71831bc 100644 --- a/rust/bin-shared/src/known_dirs/macos.rs +++ b/rust/bin-shared/src/known_dirs/macos.rs @@ -1,10 +1,10 @@ use std::path::PathBuf; -pub fn ipc_service_config() -> Option { +pub fn tunnel_service_config() -> Option { unimplemented!() } -pub fn ipc_service_logs() -> Option { +pub fn tunnel_service_logs() -> Option { unimplemented!() } diff --git a/rust/bin-shared/src/known_dirs/windows.rs b/rust/bin-shared/src/known_dirs/windows.rs index fa29bbb33..8c1a5b270 100644 --- a/rust/bin-shared/src/known_dirs/windows.rs +++ b/rust/bin-shared/src/known_dirs/windows.rs @@ -15,12 +15,12 @@ pub fn app_local_data_dir() -> Result { Ok(path) } -/// Path for IPC service config that the IPC service can write +/// Path for Tunnel service config that the Tunnel service can write /// /// All writes should use `atomicwrites`. /// /// On Windows, `C:/ProgramData/$BUNDLE_ID/config` -pub fn ipc_service_config() -> Option { +pub fn tunnel_service_config() -> Option { Some( get_known_folder_path(KnownFolder::ProgramData)? .join(BUNDLE_ID) @@ -28,7 +28,7 @@ pub fn ipc_service_config() -> Option { ) } -pub fn ipc_service_logs() -> Option { +pub fn tunnel_service_logs() -> Option { Some( get_known_folder_path(KnownFolder::ProgramData)? .join(BUNDLE_ID) diff --git a/rust/client-shared/src/callbacks.rs b/rust/client-shared/src/callbacks.rs index dd667683e..3fce776b6 100644 --- a/rust/client-shared/src/callbacks.rs +++ b/rust/client-shared/src/callbacks.rs @@ -122,7 +122,7 @@ where } } -/// Messages that connlib can produce and send to the headless Client, IPC service, or GUI process. +/// Messages that connlib can produce and send to the headless Client, Tunnel service, or GUI process. /// /// i.e. callbacks // The names are CamelCase versions of the connlib callbacks. diff --git a/rust/gui-client/build.sh b/rust/gui-client/build.sh index a317e45cb..f0d87911b 100755 --- a/rust/gui-client/build.sh +++ b/rust/gui-client/build.sh @@ -57,9 +57,9 @@ rm "$INTERMEDIATE_DIR"/*.tar.gz # │   ├── lib # │   │   ├── systemd # │   │   │   └── system -# │   │   │   └── firezone-client-ipc.service +# │   │   │   └── firezone-client-tunnel.service # │   │   └── sysusers.d -# │   │   └── firezone-client-ipc.conf +# │   │   └── firezone-client-tunnel.conf # │   └── share # │   ├── applications # │   │   └── firezone-client-gui.desktop @@ -68,15 +68,15 @@ rm "$INTERMEDIATE_DIR"/*.tar.gz # └── debian-binary # Add the scripts -cp src-tauri/deb_files/postinst src-tauri/deb_files/prerm "$INTERMEDIATE_DIR/control/" +cp src-tauri/deb_files/postinst src-tauri/deb_files/prerm src-tauri/deb_files/preinst "$INTERMEDIATE_DIR/control/" -# Add the IPC service -cp ../target/release/firezone-client-ipc "$INTERMEDIATE_DIR/data/usr/bin/" +# Add the Tunnel service +cp ../target/release/firezone-client-tunnel "$INTERMEDIATE_DIR/data/usr/bin/" pushd "$INTERMEDIATE_DIR" # Rebuild the control tarball -tar -C "control" -czf "control.tar.gz" control md5sums postinst prerm +tar -C "control" -czf "control.tar.gz" control md5sums preinst postinst prerm # Rebuild the data tarball tar -C "data" -czf "data.tar.gz" usr diff --git a/rust/gui-client/docs/manual_testing.md b/rust/gui-client/docs/manual_testing.md index d61e5dd18..848a3f8d7 100644 --- a/rust/gui-client/docs/manual_testing.md +++ b/rust/gui-client/docs/manual_testing.md @@ -36,15 +36,15 @@ If the client stops running while signed in, then the token may be stored in Win ## Linux Permissions -- [ ] The IPC service with `run-debug` can NOT run as a normal user -- [ ] The IPC service with `run-debug` can run with `sudo` +- [ ] The Tunnel service with `run-debug` can NOT run as a normal user +- [ ] The Tunnel service with `run-debug` can run with `sudo` - [ ] The GUI can run as a normal user - [ ] The GUI can NOT run with `sudo` ## Windows Permissions -- [ ] The IPC service with `run-debug` can NOT run as a normal user -- [ ] The IPC service with `run-debug` can run as admin +- [ ] The Tunnel service with `run-debug` can NOT run as a normal user +- [ ] The Tunnel service with `run-debug` can run as admin - [ ] The GUI can run as a normal user - [ ] The GUI can run as admin diff --git a/rust/gui-client/src-tauri/deb_files/firezone-client-ipc.service b/rust/gui-client/src-tauri/deb_files/firezone-client-tunnel.service similarity index 90% rename from rust/gui-client/src-tauri/deb_files/firezone-client-ipc.service rename to rust/gui-client/src-tauri/deb_files/firezone-client-tunnel.service index 2bf0041ed..bd7548099 100644 --- a/rust/gui-client/src-tauri/deb_files/firezone-client-ipc.service +++ b/rust/gui-client/src-tauri/deb_files/firezone-client-tunnel.service @@ -1,5 +1,5 @@ [Unit] -Description=Firezone Client +Description=Firezone Client Tunnel Service After=systemd-resolved.service Wants=systemd-resolved.service @@ -40,9 +40,9 @@ SystemCallFilter=@aio @basic-io @file-system @io-event @ipc @network-io @signal UMask=077 Environment="LOG_DIR=/var/log/dev.firezone.client" -EnvironmentFile=-/etc/default/firezone-client-ipc +EnvironmentFile=-/etc/default/firezone-client-tunnel -ExecStart=firezone-client-ipc run +ExecStart=firezone-client-tunnel run Type=notify # Unfortunately we need root to control DNS User=root diff --git a/rust/gui-client/src-tauri/deb_files/postinst b/rust/gui-client/src-tauri/deb_files/postinst index ca019fa1b..3f149a4a5 100755 --- a/rust/gui-client/src-tauri/deb_files/postinst +++ b/rust/gui-client/src-tauri/deb_files/postinst @@ -4,12 +4,12 @@ set -euo pipefail -SERVICE_NAME="firezone-client-ipc" +SERVICE_NAME="firezone-client-tunnel" # Creates the system group `firezone-client` sudo systemd-sysusers -echo "Starting and enabling Firezone IPC service..." +echo "Starting and enabling Firezone Tunnel service..." sudo systemctl daemon-reload sudo systemctl enable "$SERVICE_NAME" sudo systemctl restart "$SERVICE_NAME" diff --git a/rust/gui-client/src-tauri/deb_files/preinst b/rust/gui-client/src-tauri/deb_files/preinst new file mode 100755 index 000000000..9f07d16f6 --- /dev/null +++ b/rust/gui-client/src-tauri/deb_files/preinst @@ -0,0 +1,10 @@ +#!/usr/bin/env bash +# Usage: dpkg will call this after installing our files +# This must be idempotent + +set -euo pipefail + +OLD_SERVICE_NAME="firezone-client-ipc" + +sudo systemctl disable "$OLD_SERVICE_NAME" >/dev/null 2>&1 || true +sudo systemctl stop "$OLD_SERVICE_NAME" >/dev/null 2>&1 || true diff --git a/rust/gui-client/src-tauri/deb_files/prerm b/rust/gui-client/src-tauri/deb_files/prerm index f0b30e031..bb7c32bc9 100755 --- a/rust/gui-client/src-tauri/deb_files/prerm +++ b/rust/gui-client/src-tauri/deb_files/prerm @@ -3,7 +3,7 @@ set -euo pipefail -SERVICE_NAME="firezone-client-ipc" +SERVICE_NAME="firezone-client-tunnel" sudo systemctl disable "$SERVICE_NAME" sudo systemctl stop "$SERVICE_NAME" diff --git a/rust/gui-client/src-tauri/rpm_files/firezone-gui-client.spec b/rust/gui-client/src-tauri/rpm_files/firezone-gui-client.spec index 97d2f6e00..b402daf6c 100644 --- a/rust/gui-client/src-tauri/rpm_files/firezone-gui-client.spec +++ b/rust/gui-client/src-tauri/rpm_files/firezone-gui-client.spec @@ -16,6 +16,11 @@ BuildRequires: systemd-rpm-macros %prep +%pre +# Stop and disable the old service. The service may no longer exist so we ensure this never fails. +systemctl disable "$OLD_SERVICE_NAME" >/dev/null 2>&1 || true +systemctl stop "$OLD_SERVICE_NAME" >/dev/null 2>&1 || true + %build %install @@ -25,7 +30,7 @@ mkdir -p \ BINS="%{_topdir}/../../target/release" -cp "$BINS/firezone-client-ipc" "%{buildroot}/usr/bin/" +cp "$BINS/firezone-client-tunnel" "%{buildroot}/usr/bin/" cp "$BINS/firezone-client-gui" "%{buildroot}/usr/lib/dev.firezone.client/" cp "%{_topdir}/../src-tauri/rpm_files/gui-shim.sh" "%{buildroot}/usr/bin/firezone-client-gui" @@ -103,12 +108,12 @@ mkdir -p \ "$ICONS/512x512/apps" cp \ -"%{_topdir}/../src-tauri/deb_files/firezone-client-ipc.service" \ +"%{_topdir}/../src-tauri/deb_files/firezone-client-tunnel.service" \ "%{buildroot}/usr/lib/systemd/system/" cp \ "%{_topdir}/../src-tauri/deb_files/sysusers.conf" \ -"%{buildroot}/usr/lib/sysusers.d/firezone-client-ipc.conf" +"%{buildroot}/usr/lib/sysusers.d/firezone-client-tunnel.conf" cp \ "%{_topdir}/../src-tauri/rpm_files/firezone-client-gui.desktop" \ @@ -127,7 +132,7 @@ cp \ "$ICONS/512x512/apps/firezone-client-gui.png" %files -/usr/bin/firezone-client-ipc +/usr/bin/firezone-client-tunnel /usr/bin/firezone-client-gui /usr/lib/dev.firezone.client/firezone-client-gui @@ -163,8 +168,8 @@ cp \ /usr/lib/dev.firezone.client/libX11.so.6 /usr/lib/dev.firezone.client/libX11-xcb.so.1 -/usr/lib/systemd/system/firezone-client-ipc.service -/usr/lib/sysusers.d/firezone-client-ipc.conf +/usr/lib/systemd/system/firezone-client-tunnel.service +/usr/lib/sysusers.d/firezone-client-tunnel.conf /usr/share/applications/firezone-client-gui.desktop /usr/share/icons/hicolor/32x32/apps/firezone-client-gui.png @@ -188,10 +193,10 @@ cp \ %endif %post -%systemd_post firezone-client-ipc.service +%systemd_post firezone-client-tunnel.service %preun -%systemd_preun firezone-client-ipc.service +%systemd_preun firezone-client-tunnel.service %postun -%systemd_postun_with_restart firezone-client-ipc.service +%systemd_postun_with_restart firezone-client-tunnel.service diff --git a/rust/gui-client/src-tauri/src/bin/firezone-client-ipc.rs b/rust/gui-client/src-tauri/src/bin/firezone-client-tunnel.rs similarity index 96% rename from rust/gui-client/src-tauri/src/bin/firezone-client-ipc.rs rename to rust/gui-client/src-tauri/src/bin/firezone-client-tunnel.rs index 76c1c8e37..4bcdaff01 100644 --- a/rust/gui-client/src-tauri/src/bin/firezone-client-ipc.rs +++ b/rust/gui-client/src-tauri/src/bin/firezone-client-tunnel.rs @@ -60,7 +60,7 @@ pub struct Cli { #[derive(clap::Subcommand)] enum Cmd { - /// Needed to test the IPC service on aarch64 Windows, + /// Needed to test the Tunnel service on aarch64 Windows, /// where the Tauri MSI bundler doesn't work yet Install, Run, @@ -80,7 +80,7 @@ mod tests { use clap::Parser; use std::path::PathBuf; - const EXE_NAME: &str = "firezone-client-ipc"; + const EXE_NAME: &str = "firezone-client-tunnel"; // Can't remember how Clap works sometimes // Also these are examples diff --git a/rust/gui-client/src-tauri/src/bin/firezone-gui-client.rs b/rust/gui-client/src-tauri/src/bin/firezone-gui-client.rs index 437001273..e6324d24c 100644 --- a/rust/gui-client/src-tauri/src/bin/firezone-gui-client.rs +++ b/rust/gui-client/src-tauri/src/bin/firezone-gui-client.rs @@ -38,7 +38,7 @@ fn main() -> ExitCode { ); // Get the device ID before starting Tokio, so that all the worker threads will inherit the correct scope. - // Technically this means we can fail to get the device ID on a newly-installed system, since the IPC service may not have fully started up when the GUI process reaches this point, but in practice it's unlikely. + // Technically this means we can fail to get the device ID on a newly-installed system, since the Tunnel service may not have fully started up when the GUI process reaches this point, but in practice it's unlikely. if let Ok(id) = firezone_bin_shared::device_id::get() { Telemetry::set_firezone_id(id.id); } @@ -159,7 +159,9 @@ fn try_main(cli: Cli, rt: &tokio::runtime::Runtime, mut settings: AdvancedSettin .root_cause() .is::() { - show_error_dialog("Couldn't find Firezone IPC service. Is the service running?")?; + show_error_dialog( + "Couldn't find Firezone Tunnel service. Is the service running?", + )?; return Err(anyhow); } diff --git a/rust/gui-client/src-tauri/src/clear_logs.rs b/rust/gui-client/src-tauri/src/clear_logs.rs index 9453fdea1..071fde458 100644 --- a/rust/gui-client/src-tauri/src/clear_logs.rs +++ b/rust/gui-client/src-tauri/src/clear_logs.rs @@ -7,7 +7,7 @@ pub async fn clear_logs(path: &Path) -> Result<()> { Ok(x) => x, Err(error) => { if matches!(error.kind(), NotFound) { - // In smoke tests, the IPC service runs in debug mode, so it won't write any logs to disk. If the IPC service's log dir doesn't exist, we shouldn't crash, it's correct to simply not delete the non-existent files + // In smoke tests, the Tunnel service runs in debug mode, so it won't write any logs to disk. If the Tunnel service's log dir doesn't exist, we shouldn't crash, it's correct to simply not delete the non-existent files return Ok(()); } // But any other error like permissions errors, should bubble. diff --git a/rust/gui-client/src-tauri/src/controller.rs b/rust/gui-client/src-tauri/src/controller.rs index 3ea3e0e40..ab9da4e97 100644 --- a/rust/gui-client/src-tauri/src/controller.rs +++ b/rust/gui-client/src-tauri/src/controller.rs @@ -86,7 +86,7 @@ pub trait GuiIntegration { pub enum ControllerRequest { /// The GUI wants us to use these settings in-memory, they've already been saved to disk ApplySettings(Box), - /// Clear the GUI's logs and await the IPC service to clear its logs + /// Clear the GUI's logs and await the Tunnel service to clear its logs ClearLogs(oneshot::Sender>), /// The same as the arguments to `client::logging::export_logs_to` ExportLogs { @@ -654,12 +654,12 @@ impl Controller { self.update_disabled_resources().await?; } service::ServerMsg::TerminatingGracefully => { - tracing::info!("IPC service exited gracefully"); + tracing::info!("Tunnel service exited gracefully"); self.integration .set_tray_icon(system_tray::icon_terminating()); self.integration.show_notification( "Firezone disconnected", - "The Firezone IPC service was shutdown, quitting GUI process.", + "The Firezone Tunnel service was shutdown, quitting GUI process.", )?; return Ok(ControlFlow::Break(())); diff --git a/rust/gui-client/src-tauri/src/deep_link.rs b/rust/gui-client/src-tauri/src/deep_link.rs index a36ecfeb5..296e117fd 100644 --- a/rust/gui-client/src-tauri/src/deep_link.rs +++ b/rust/gui-client/src-tauri/src/deep_link.rs @@ -1,6 +1,6 @@ //! A module for registering, catching, and parsing deep links that are sent over to the app's already-running instance -// The IPC parts use the same primitives as the IPC service, UDS on Linux +// The IPC parts use the same primitives as the Tunnel service, UDS on Linux // and named pipes on Windows, so TODO de-dupe the IPC code use crate::{ diff --git a/rust/gui-client/src-tauri/src/elevation.rs b/rust/gui-client/src-tauri/src/elevation.rs index 27872c2e5..57e133b51 100644 --- a/rust/gui-client/src-tauri/src/elevation.rs +++ b/rust/gui-client/src-tauri/src/elevation.rs @@ -8,7 +8,7 @@ mod platform { /// Returns true if all permissions are correct for the GUI to run /// - /// Everything that needs root / admin powers happens in the IPC services, + /// Everything that needs root / admin powers happens in the Tunnel services, /// so for security and practicality reasons the GUIs must be non-root. /// (In Linux by default a root GUI app barely works at all) pub fn gui_check() -> Result { diff --git a/rust/gui-client/src-tauri/src/gui/system_tray.rs b/rust/gui-client/src-tauri/src/gui/system_tray.rs index 697202ba7..2d15cc3b2 100644 --- a/rust/gui-client/src-tauri/src/gui/system_tray.rs +++ b/rust/gui-client/src-tauri/src/gui/system_tray.rs @@ -364,7 +364,7 @@ pub struct Icon { pub update_ready: bool, } -/// Generic icon for unusual terminating cases like if the IPC service stops running +/// Generic icon for unusual terminating cases like if the Tunnel service stops running pub(crate) fn icon_terminating() -> Icon { Icon { base: IconBase::SignedOut, diff --git a/rust/gui-client/src-tauri/src/ipc.rs b/rust/gui-client/src-tauri/src/ipc.rs index c654557c7..2b903994f 100644 --- a/rust/gui-client/src-tauri/src/ipc.rs +++ b/rust/gui-client/src-tauri/src/ipc.rs @@ -29,7 +29,7 @@ pub(crate) mod platform; pub(crate) mod platform; #[derive(Debug, thiserror::Error)] -#[error("Couldn't find IPC service `{0}`")] +#[error("Couldn't find IPC socket `{0}`")] pub struct NotFound(String); /// A name that both the server and client can use to find each other @@ -304,7 +304,7 @@ mod tests { /// Replicate #5143 /// - /// When the IPC service has disconnected from a GUI and loops over, sometimes + /// When the Tunnel service has disconnected from a GUI and loops over, sometimes /// the named pipe is not ready. If our IPC code doesn't handle this right, /// this test will fail. #[tokio::test] diff --git a/rust/gui-client/src-tauri/src/ipc/linux.rs b/rust/gui-client/src-tauri/src/ipc/linux.rs index 9dd89d76d..5d46dd3ae 100644 --- a/rust/gui-client/src-tauri/src/ipc/linux.rs +++ b/rust/gui-client/src-tauri/src/ipc/linux.rs @@ -27,7 +27,7 @@ pub type ClientStream = UnixStream; /// On Windows `ClientStream` and `ServerStream` differ pub(crate) type ServerStream = UnixStream; -/// Connect to the IPC service +/// Connect to the Tunnel service #[expect(clippy::wildcard_enum_match_arm)] pub async fn connect_to_socket(id: SocketId) -> Result { let path = ipc_path(id); @@ -70,7 +70,7 @@ impl Server { std::fs::set_permissions(&sock_path, perms).context("Failed to set permissions on UDS")?; // TODO: Change this to `notify_service_controller` and put it in - // the same place in the IPC service's main loop as in the Headless Client. + // the same place in the Tunnel service's main loop as in the Headless Client. sd_notify::notify(true, &[sd_notify::NotifyState::Ready])?; Ok(Self { listener, id }) } diff --git a/rust/gui-client/src-tauri/src/ipc/windows.rs b/rust/gui-client/src-tauri/src/ipc/windows.rs index e96770dd9..a5897c400 100644 --- a/rust/gui-client/src-tauri/src/ipc/windows.rs +++ b/rust/gui-client/src-tauri/src/ipc/windows.rs @@ -54,7 +54,7 @@ impl Server { // `&mut self` needed to match the Linux signature pub(crate) async fn next_client(&mut self) -> Result { - // Fixes #5143. In the IPC service, if we close the pipe and immediately re-open + // Fixes #5143. In the Tunnel service, if we close the pipe and immediately re-open // it, Tokio may not get a chance to clean up the pipe. Yielding seems to fix // this in tests, but `yield_now` doesn't make any such guarantees, so // we also do a loop. diff --git a/rust/gui-client/src-tauri/src/lib.rs b/rust/gui-client/src-tauri/src/lib.rs index 137405c93..9deb320a1 100644 --- a/rust/gui-client/src-tauri/src/lib.rs +++ b/rust/gui-client/src-tauri/src/lib.rs @@ -21,6 +21,6 @@ pub use clear_logs::clear_logs; /// The Sentry "release" we are part of. /// -/// IPC service and GUI client are always bundled into a single release. -/// Hence, we have a single constant for IPC service and GUI client. +/// Tunnel service and GUI client are always bundled into a single release. +/// Hence, we have a single constant for Tunnel service and GUI client. pub const RELEASE: &str = concat!("gui-client@", env!("CARGO_PKG_VERSION")); diff --git a/rust/gui-client/src-tauri/src/logging.rs b/rust/gui-client/src-tauri/src/logging.rs index 6f6a3bbe2..b7886f669 100644 --- a/rust/gui-client/src-tauri/src/logging.rs +++ b/rust/gui-client/src-tauri/src/logging.rs @@ -169,19 +169,22 @@ pub fn setup_gui(directives: &str) -> Result { }) } -/// Starts logging for the production IPC service +/// Starts logging for the production Tunnel service /// /// Returns: A `Handle` that must be kept alive. Dropping it stops logging /// and flushes the log file. -pub fn setup_ipc( +pub fn setup_tunnel( log_path: Option, ) -> Result<( firezone_logging::file::Handle, firezone_logging::FilterReloadHandle, )> { - // If `log_dir` is Some, use that. Else call `ipc_service_logs` + // If `log_dir` is Some, use that. Else call `tunnel_service_logs` let log_path = log_path.map_or_else( - || known_dirs::ipc_service_logs().context("Should be able to compute IPC service logs dir"), + || { + known_dirs::tunnel_service_logs() + .context("Should be able to compute Tunnel service logs dir") + }, Ok, )?; std::fs::create_dir_all(&log_path) @@ -211,7 +214,7 @@ pub fn setup_ipc( ?directives, system_uptime = firezone_bin_shared::uptime::get().map(tracing::field::debug), log_path = %log_path.display(), - "`ipc-service` started logging" + "`tunnel service` started logging" ); Ok((file_handle, file_reloader.merge(stdout_reloader))) @@ -229,13 +232,13 @@ pub fn setup_stdout() -> Result { Ok(reloader) } -/// Reads the log filter for the IPC service or for debug commands +/// Reads the log filter for the Tunnel service or for debug commands /// /// e.g. `info` /// /// Reads from: /// 1. `RUST_LOG` env var -/// 2. `known_dirs::ipc_log_filter()` file +/// 2. `known_dirs::tunnel_log_filter()` file /// 3. Hard-coded default `SERVICE_RUST_LOG` /// /// Errors if something is badly wrong, e.g. the directory for the config file @@ -250,8 +253,9 @@ pub(crate) fn get_log_filter() -> Result { return Ok(filter); } - if let Ok(filter) = std::fs::read_to_string(firezone_bin_shared::known_dirs::ipc_log_filter()?) - .map(|s| s.trim().to_string()) + if let Ok(filter) = + std::fs::read_to_string(firezone_bin_shared::known_dirs::tunnel_log_filter()?) + .map(|s| s.trim().to_string()) { return Ok(filter); } @@ -332,7 +336,7 @@ fn add_dir_to_zip( Ok(x) => x, Err(error) => { if matches!(error.kind(), NotFound) { - // In smoke tests, the IPC service runs in debug mode, so it won't write any logs to disk. If the IPC service's log dir doesn't exist, we shouldn't crash, it's correct to simply not add any files to the zip + // In smoke tests, the Tunnel service runs in debug mode, so it won't write any logs to disk. If the Tunnel service's log dir doesn't exist, we shouldn't crash, it's correct to simply not add any files to the zip return Ok(()); } // But any other error like permissions errors, should bubble. @@ -384,7 +388,8 @@ async fn count_one_dir(path: &Path) -> Result { fn log_paths() -> Result> { Ok(vec![ LogPath { - src: known_dirs::ipc_service_logs().context("Can't compute IPC service logs dir")?, + src: known_dirs::tunnel_service_logs() + .context("Can't compute Tunnel service logs dir")?, dst: PathBuf::from("connlib"), }, LogPath { diff --git a/rust/gui-client/src-tauri/src/service.rs b/rust/gui-client/src-tauri/src/service.rs index 622affbbb..f4441ad50 100644 --- a/rust/gui-client/src-tauri/src/service.rs +++ b/rust/gui-client/src-tauri/src/service.rs @@ -64,11 +64,11 @@ pub enum ClientMsg { }, } -/// Messages that end up in the GUI, either forwarded from connlib or from the IPC service. +/// Messages that end up in the GUI, either forwarded from connlib or from the Tunnel service. #[derive(Debug, serde::Deserialize, serde::Serialize, strum::Display)] pub enum ServerMsg { Hello, - /// The IPC service finished clearing its log dir. + /// The Tunnel service finished clearing its log dir. ClearedLogs(Result<(), String>), ConnectResult(Result<(), ConnectError>), DisconnectedGracefully, @@ -77,7 +77,7 @@ pub enum ServerMsg { is_authentication_error: bool, }, OnUpdateResources(Vec), - /// The IPC service is terminating, maybe due to a software update + /// The Tunnel service is terminating, maybe due to a software update /// /// This is a hint that the Client should exit with a message like, /// "Firezone is updating, please restart the GUI" instead of an error like, @@ -108,7 +108,7 @@ impl From for ConnectError { } } -/// Run the IPC service and terminate gracefully if we catch a terminate signal +/// Run the Tunnel service and terminate gracefully if we catch a terminate signal /// /// If an IPC client is connected when we catch a terminate signal, we send the /// client a hint about that before we exit. @@ -118,7 +118,7 @@ async fn ipc_listen( signals: &mut signals::Terminate, telemetry: &mut Telemetry, ) -> Result<()> { - // Create the device ID and IPC service config dir if needed + // Create the device ID and Tunnel service config dir if needed // This also gives the GUI a safe place to put the log filter config let firezone_id = device_id::get_or_create() .context("Failed to read / create device ID")? @@ -238,7 +238,7 @@ impl<'a> Handler<'a> { /// Run the event loop to communicate with an IPC client. /// - /// If the IPC service needs to terminate, we catch that from `signals` and send + /// If the Tunnel service needs to terminate, we catch that from `signals` and send /// the client a hint to shut itself down gracefully. /// /// The return type is infallible so that we only give up on an IPC client explicitly @@ -360,7 +360,7 @@ impl<'a> Handler<'a> { match msg { ClientMsg::ClearLogs => { let result = crate::clear_logs( - &firezone_bin_shared::known_dirs::ipc_service_logs() + &firezone_bin_shared::known_dirs::tunnel_service_logs() .context("Can't compute logs dir")?, ) .await; @@ -385,7 +385,7 @@ impl<'a> Handler<'a> { ClientMsg::ApplyLogFilter { directives } => { self.log_filter_reloader.reload(&directives)?; - let path = known_dirs::ipc_log_filter()?; + let path = known_dirs::tunnel_log_filter()?; if let Err(e) = AtomicFile::new(&path, OverwriteBehavior::AllowOverwrite) .write(|f| f.write_all(directives.as_bytes())) @@ -531,7 +531,7 @@ pub fn run_debug(dns_control: DnsControlMethod) -> Result<()> { system_uptime_seconds = firezone_bin_shared::uptime::get().map(|dur| dur.as_secs()), ); if !elevation_check()? { - bail!("IPC service failed its elevation check, try running as admin / root"); + bail!("Tunnel service failed its elevation check, try running as admin / root"); } let rt = tokio::runtime::Builder::new_current_thread() .enable_all() @@ -548,7 +548,7 @@ pub fn run_debug(dns_control: DnsControlMethod) -> Result<()> { )) .inspect(|_| rt.block_on(telemetry.stop())) .inspect_err(|e| { - tracing::error!("IPC service failed: {e:#}"); + tracing::error!("Tunnel service failed: {e:#}"); rt.block_on(telemetry.stop_on_crash()) }) @@ -565,7 +565,7 @@ pub fn run_smoke_test() -> Result<()> { let log_filter_reloader = crate::logging::setup_stdout()?; if !elevation_check()? { - bail!("IPC service failed its elevation check, try running as admin / root"); + bail!("Tunnel service failed its elevation check, try running as admin / root"); } let rt = tokio::runtime::Builder::new_current_thread() .enable_all() @@ -574,7 +574,7 @@ pub fn run_smoke_test() -> Result<()> { let mut dns_controller = DnsController { dns_control_method: Default::default(), }; - // Deactivate Firezone DNS control in case the system or IPC service crashed + // Deactivate Firezone DNS control in case the system or Tunnel service crashed // and we need to recover. dns_controller.deactivate()?; let mut signals = signals::Terminate::new()?; diff --git a/rust/gui-client/src-tauri/src/service/linux.rs b/rust/gui-client/src-tauri/src/service/linux.rs index 54df7ec18..a54b2102a 100644 --- a/rust/gui-client/src-tauri/src/service/linux.rs +++ b/rust/gui-client/src-tauri/src/service/linux.rs @@ -9,9 +9,9 @@ use firezone_telemetry::Telemetry; /// /// Linux uses the CLI args from here, Windows does not pub fn run(log_dir: Option, dns_control: DnsControlMethod) -> Result<()> { - let (_handle, log_filter_reloader) = crate::logging::setup_ipc(log_dir)?; + let (_handle, log_filter_reloader) = crate::logging::setup_tunnel(log_dir)?; if !elevation_check()? { - bail!("IPC service failed its elevation check, try running as admin / root"); + bail!("Tunnel service failed its elevation check, try running as admin / root"); } let rt = tokio::runtime::Builder::new_current_thread() .enable_all() @@ -28,13 +28,13 @@ pub fn run(log_dir: Option, dns_control: DnsControlMethod) -> Result<() )) .inspect(|_| rt.block_on(telemetry.stop())) .inspect_err(|e| { - tracing::error!("IPC service failed: {e:#}"); + tracing::error!("Tunnel service failed: {e:#}"); rt.block_on(telemetry.stop_on_crash()) }) } -/// Returns true if the IPC service can run properly +/// Returns true if the Tunnel service can run properly // Fallible on Windows #[expect(clippy::unnecessary_wraps)] pub fn elevation_check() -> Result { diff --git a/rust/gui-client/src-tauri/src/service/macos.rs b/rust/gui-client/src-tauri/src/service/macos.rs index 7474b6dd3..2ed47d9be 100644 --- a/rust/gui-client/src-tauri/src/service/macos.rs +++ b/rust/gui-client/src-tauri/src/service/macos.rs @@ -4,7 +4,7 @@ use std::path::PathBuf; pub fn run(log_dir: Option, _dns_control: DnsControlMethod) -> Result<()> { // We call this here to avoid a dead-code warning. - let (_handle, _log_filter_reloader) = crate::logging::setup_ipc(log_dir)?; + let (_handle, _log_filter_reloader) = crate::logging::setup_tunnel(log_dir)?; bail!("not implemented") } diff --git a/rust/gui-client/src-tauri/src/service/windows.rs b/rust/gui-client/src-tauri/src/service/windows.rs index 6ab7763c5..c04b6af66 100644 --- a/rust/gui-client/src-tauri/src/service/windows.rs +++ b/rust/gui-client/src-tauri/src/service/windows.rs @@ -32,7 +32,7 @@ use windows_service::{ const SERVICE_NAME: &str = "firezone_client_ipc"; const SERVICE_TYPE: ServiceType = ServiceType::OWN_PROCESS; -/// Returns true if the IPC service can run properly +/// Returns true if the Tunnel service can run properly pub fn elevation_check() -> Result { let token = ProcessToken::our_process().context("Failed to get process token")?; let elevated = token @@ -152,10 +152,10 @@ pub fn install() -> Result<()> { let manager_access = ServiceManagerAccess::CONNECT | ServiceManagerAccess::CREATE_SERVICE; let service_manager = ServiceManager::local_computer(None::<&str>, manager_access)?; - let name = "FirezoneClientIpcServiceDebug"; + let name = "FirezoneClientTunnelServiceDebug"; // Un-install existing one first if needed - if let Err(e) = uninstall_ipc_service(&service_manager, name) + if let Err(e) = uninstall_tunnel_service(&service_manager, name) .with_context(|| format!("Failed to uninstall `{name}`")) { tracing::debug!("{e:#}"); @@ -164,7 +164,7 @@ pub fn install() -> Result<()> { let executable_path = std::env::current_exe()?; let service_info = ServiceInfo { name: OsString::from(name), - display_name: OsString::from("Firezone Client IPC (Debug)"), + display_name: OsString::from("Firezone Tunnel Service (Debug)"), service_type: ServiceType::OWN_PROCESS, start_type: ServiceStartType::AutoStart, error_control: ServiceErrorControl::Normal, @@ -179,7 +179,10 @@ pub fn install() -> Result<()> { Ok(()) } -fn uninstall_ipc_service(service_manager: &ServiceManager, name: impl AsRef) -> Result<()> { +fn uninstall_tunnel_service( + service_manager: &ServiceManager, + name: impl AsRef, +) -> Result<()> { let service_access = ServiceAccess::DELETE; let service = service_manager.open_service(name, service_access)?; service.delete()?; @@ -201,7 +204,7 @@ fn service_run(arguments: Vec) { // `arguments` doesn't seem to work right when running as a Windows service // (even though it's meant for that) so just use the default log dir. let (handle, log_filter_reloader) = - crate::logging::setup_ipc(None).expect("Should be able to set up logging"); + crate::logging::setup_tunnel(None).expect("Should be able to set up logging"); if let Err(error) = fallible_service_run(arguments, handle, log_filter_reloader) { tracing::error!("`fallible_windows_service_run` returned an error: {error:#}"); } @@ -219,7 +222,7 @@ fn fallible_service_run( ) -> Result<()> { tracing::info!(?arguments, "fallible_windows_service_run"); if !elevation_check()? { - bail!("IPC service failed its elevation check, try running as admin / root"); + bail!("Tunnel service failed its elevation check, try running as admin / root"); } let rt = tokio::runtime::Builder::new_current_thread() @@ -289,7 +292,7 @@ fn fallible_service_run( )) .inspect(|_| rt.block_on(telemetry.stop())) .inspect_err(|e| { - tracing::error!("IPC service failed: {e:#}"); + tracing::error!("Tunnel service failed: {e:#}"); rt.block_on(telemetry.stop_on_crash()) }); diff --git a/rust/gui-client/src-tauri/tauri.conf.json b/rust/gui-client/src-tauri/tauri.conf.json index 72d2f0623..3ee83639d 100644 --- a/rust/gui-client/src-tauri/tauri.conf.json +++ b/rust/gui-client/src-tauri/tauri.conf.json @@ -10,8 +10,8 @@ "linux": { "deb": { "files": { - "/usr/lib/systemd/system/firezone-client-ipc.service": "./deb_files/firezone-client-ipc.service", - "/usr/lib/sysusers.d/firezone-client-ipc.conf": "./deb_files/sysusers.conf" + "/usr/lib/systemd/system/firezone-client-tunnel.service": "./deb_files/firezone-client-tunnel.service", + "/usr/lib/sysusers.d/firezone-client-tunnel.conf": "./deb_files/sysusers.conf" }, "desktopTemplate": "./deb_files/firezone-client-gui.desktop" } @@ -20,7 +20,7 @@ "windows": { "wix": { "bannerPath": "./win_files/banner.png", - "componentRefs": ["FirezoneClientIpcService"], + "componentRefs": ["RemoveOldFirezoneService", "FirezoneClientTunnelService"], "dialogImagePath": "./win_files/install_dialog.png", "fragmentPaths": ["./win_files/service.wxs"], "template": "./win_files/main.wxs" diff --git a/rust/gui-client/src-tauri/tauri.windows.conf.json b/rust/gui-client/src-tauri/tauri.windows.conf.json index 6908d276a..c55a070e5 100644 --- a/rust/gui-client/src-tauri/tauri.windows.conf.json +++ b/rust/gui-client/src-tauri/tauri.windows.conf.json @@ -1,6 +1,6 @@ { "build": { - "beforeBundleCommand": "bash -c '../../scripts/build/sign.sh ../target/release/Firezone.exe ../target/release/firezone-client-ipc.exe'" + "beforeBundleCommand": "bash -c '../../scripts/build/sign.sh ../target/release/Firezone.exe ../target/release/firezone-client-tunnel.exe'" }, "mainBinaryName": "Firezone", "productName": "Firezone" diff --git a/rust/gui-client/src-tauri/win_files/main.wxs b/rust/gui-client/src-tauri/win_files/main.wxs index 3f1bdd081..0c70f88ca 100644 --- a/rust/gui-client/src-tauri/win_files/main.wxs +++ b/rust/gui-client/src-tauri/win_files/main.wxs @@ -345,6 +345,17 @@ component. {{/if}} + + + + + NOT Installed + + AUTOLAUNCHAPP AND NOT Installed diff --git a/rust/gui-client/src-tauri/win_files/service.wxs b/rust/gui-client/src-tauri/win_files/service.wxs index ba0b31596..8792eabdb 100644 --- a/rust/gui-client/src-tauri/win_files/service.wxs +++ b/rust/gui-client/src-tauri/win_files/service.wxs @@ -2,21 +2,51 @@ - - - - - + + + + + + + + + + + + + + + diff --git a/rust/headless-client/src/main.rs b/rust/headless-client/src/main.rs index 1f2d07e09..0e16ee203 100644 --- a/rust/headless-client/src/main.rs +++ b/rust/headless-client/src/main.rs @@ -157,7 +157,7 @@ fn main() -> Result<()> { assert!(std::env::var(TOKEN_ENV_KEY).is_err()); // TODO: This might have the same issue with fatal errors not getting logged - // as addressed for the IPC service in PR #5216 + // as addressed for the Tunnel service in PR #5216 let (layer, _handle) = cli .log_dir .as_deref() @@ -169,7 +169,7 @@ fn main() -> Result<()> { // in case a previous run of Firezone left DNS control on and messed anything up. let dns_control_method = cli.dns_control; let mut dns_controller = DnsController { dns_control_method }; - // Deactivate Firezone DNS control in case the system or IPC service crashed + // Deactivate Firezone DNS control in case the system or Tunnel service crashed // and we need to recover. dns_controller.deactivate()?; diff --git a/rust/headless-client/src/windows.rs b/rust/headless-client/src/windows.rs index f20ad4b2d..3ee2314b6 100644 --- a/rust/headless-client/src/windows.rs +++ b/rust/headless-client/src/windows.rs @@ -1,6 +1,6 @@ -//! Implementation of headless Client and IPC service for Windows +//! Implementation of headless Client and Tunnel service for Windows //! -//! Try not to panic in the IPC service. Windows doesn't consider the +//! Try not to panic in the Tunnel service. Windows doesn't consider the //! service to be stopped even if its only process ends, for some reason. //! We must tell Windows explicitly when our service is stopping. diff --git a/rust/tests/gui-smoke-test/src/main.rs b/rust/tests/gui-smoke-test/src/main.rs index 9e500160a..7cafa861a 100644 --- a/rust/tests/gui-smoke-test/src/main.rs +++ b/rust/tests/gui-smoke-test/src/main.rs @@ -1,6 +1,6 @@ // Invoke with `cargo run --bin gui-smoke-test` // -// Starts up the IPC service and GUI app and lets them run for a bit +// Starts up the Tunnel service and GUI app and lets them run for a bit use anyhow::{Context as _, Result, bail}; use clap::Parser; @@ -14,7 +14,7 @@ use subprocess::Exec; const FZ_GROUP: &str = "firezone-client"; const GUI_NAME: &str = "firezone-gui-client"; -const IPC_NAME: &str = "firezone-client-ipc"; +const TUNNEL_NAME: &str = "firezone-client-tunnel"; #[cfg(target_os = "linux")] const EXE_EXTENSION: &str = ""; @@ -40,22 +40,22 @@ fn main() -> Result<()> { dump_syms().context("Failed to run `dump_syms`")?; // Run normal smoke test - let mut ipc_service = ipc_service_command().arg("run-smoke-test").popen()?; + let mut ipc_service = tunnel_service_command().arg("run-smoke-test").popen()?; let mut gui = app .gui_command(&["smoke-test"])? // Disable deep links because they don't work in the headless CI environment .popen()?; gui.wait()?.fz_exit_ok().context("GUI process")?; - ipc_service.wait()?.fz_exit_ok().context("IPC service")?; + ipc_service.wait()?.fz_exit_ok().context("Tunnel service")?; // Force the GUI to crash - let mut ipc_service = ipc_service_command().arg("run-smoke-test").popen()?; + let mut ipc_service = tunnel_service_command().arg("run-smoke-test").popen()?; let mut gui = app.gui_command(&["--crash"])?.popen()?; // Ignore exit status here since we asked the GUI to crash on purpose gui.wait()?; - ipc_service.wait()?.fz_exit_ok().context("IPC service")?; + ipc_service.wait()?.fz_exit_ok().context("Tunnel service")?; if cli.manual_tests { manual_tests(&app)?; @@ -70,12 +70,12 @@ fn manual_tests(app: &App) -> Result<()> { .popen()? .wait()?; - let mut ipc_service = ipc_service_command().arg("run-smoke-test").popen()?; + let mut ipc_service = tunnel_service_command().arg("run-smoke-test").popen()?; let mut gui = app.gui_command(&["--quit-after", "10"])?.popen()?; // Expect exit codes of 0 gui.wait()?.fz_exit_ok().context("GUI process")?; - ipc_service.wait()?.fz_exit_ok().context("IPC service")?; + ipc_service.wait()?.fz_exit_ok().context("Tunnel service")?; Ok(()) } @@ -184,7 +184,7 @@ fn debug_db_path() -> PathBuf { } #[cfg(target_os = "linux")] -fn ipc_service_command() -> Exec { +fn tunnel_service_command() -> Exec { Exec::cmd("sudo").args(&[ "--preserve-env", "runuser", // The `runuser` looks redundant but CI will complain if we use `sudo` directly, not sure why @@ -193,15 +193,15 @@ fn ipc_service_command() -> Exec { "--group", "firezone-client", "--whitelist-environment=RUST_LOG", - ipc_path() + tunnel_path() .to_str() .expect("IPC binary path should be valid Unicode"), ]) } #[cfg(target_os = "windows")] -fn ipc_service_command() -> Exec { - Exec::cmd(ipc_path()) +fn tunnel_service_command() -> Exec { + Exec::cmd(tunnel_path()) } // `ExitStatus::exit_ok` is nightly, so we add an equivalent here @@ -225,10 +225,10 @@ fn gui_path() -> PathBuf { .with_extension(EXE_EXTENSION) } -fn ipc_path() -> PathBuf { +fn tunnel_path() -> PathBuf { Path::new("target") .join("debug") - .join(IPC_NAME) + .join(TUNNEL_NAME) .with_extension(EXE_EXTENSION) } diff --git a/scripts/tests/gui-client-install-linux-deb.sh b/scripts/tests/gui-client-install-linux-deb.sh index f4a625539..e79771dbe 100755 --- a/scripts/tests/gui-client-install-linux-deb.sh +++ b/scripts/tests/gui-client-install-linux-deb.sh @@ -4,7 +4,7 @@ set -euox pipefail -SERVICE_NAME=firezone-client-ipc +SERVICE_NAME=firezone-client-tunnel function debug_exit() { systemctl status "$SERVICE_NAME" @@ -21,12 +21,12 @@ dpkg --listfiles firezone-client-gui dpkg --info "$DEB_PATH" # Confirm that both binaries and at least one icon were installed -which firezone-client-gui firezone-client-ipc +which firezone-client-gui firezone-client-tunnel stat /usr/share/icons/hicolor/512x512/apps/firezone-client-gui.png # Make sure the binary got built, packaged, and installed, and at least # knows its own name firezone-client-gui --help | grep "Usage: firezone-client-gui" -# Make sure the IPC service is running +# Make sure the Tunnel service is running systemctl status "$SERVICE_NAME" || debug_exit diff --git a/scripts/tests/gui-client-install-windows-msi.sh b/scripts/tests/gui-client-install-windows-msi.sh index 96cddaa51..9fcec7c57 100755 --- a/scripts/tests/gui-client-install-windows-msi.sh +++ b/scripts/tests/gui-client-install-windows-msi.sh @@ -5,5 +5,5 @@ set -euox pipefail msiexec //i "$BINARY_DEST_PATH.msi" //log install.log //qn # For debugging cat install.log -# Make sure the IPC service is running -sc query FirezoneClientIpcService | grep RUNNING +# Make sure the Tunnel service is running +sc query FirezoneClientTunnelService | grep RUNNING diff --git a/scripts/tests/linux-group.sh b/scripts/tests/linux-group.sh index 0f6653e4a..91e924a97 100755 --- a/scripts/tests/linux-group.sh +++ b/scripts/tests/linux-group.sh @@ -5,9 +5,9 @@ source "./scripts/tests/lib.sh" -BINARY_NAME=firezone-client-ipc +BINARY_NAME=firezone-client-tunnel FZ_GROUP="firezone-client" -SERVICE_NAME=firezone-client-ipc +SERVICE_NAME=firezone-client-tunnel SOCKET=/run/dev.firezone.client/tunnel.sock export RUST_LOG=info @@ -25,7 +25,7 @@ sudo cp "rust/target/debug/$BINARY_NAME" "/usr/bin/$BINARY_NAME" # Set up the systemd service sudo cp "rust/gui-client/src-tauri/deb_files/$SERVICE_NAME.service" /usr/lib/systemd/system/ -sudo cp "scripts/tests/systemd/env" "/etc/default/firezone-client-ipc" +sudo cp "scripts/tests/systemd/env" "/etc/default/firezone-client-tunnel" # The firezone group must exist before the daemon starts sudo groupadd "$FZ_GROUP" diff --git a/website/src/app/kb/administer/logs/readme.mdx b/website/src/app/kb/administer/logs/readme.mdx index ef39ac2a0..9c9c7777b 100644 --- a/website/src/app/kb/administer/logs/readme.mdx +++ b/website/src/app/kb/administer/logs/readme.mdx @@ -15,7 +15,7 @@ by advanced users and admins. | Component | Log directory | | ----------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | macOS Client | `~/Library/Group Containers/47R2M6779T.dev.firezone.firezone/Library/Caches/logs` for the GUI process, and `/private/var/root/Library/Group Containers/47R2M6779T.dev.firezone.firezone/Library/Caches/logs` for the tunnel process | -| Windows GUI Client | `%LOCALAPPDATA%\dev.firezone.client\data\logs` for the GUI process, and `%PROGRAMDATA%\dev.firezone.client\data\logs` for the IPC service | +| Windows GUI Client | `%LOCALAPPDATA%\dev.firezone.client\data\logs` for the GUI process, and `%PROGRAMDATA%\dev.firezone.client\data\logs` for the Tunnel service | | Linux GUI Client | `$HOME/.cache/dev.firezone.client/data/logs/` for the GUI process, and `/var/log/dev.firezone.client/` for the tunnel process | | Android/ChromeOS Client | `/data/data/dev.firezone.android/caches/logs` | | iOS Client | N/A | diff --git a/website/src/app/kb/client-apps/linux-gui-client/readme.mdx b/website/src/app/kb/client-apps/linux-gui-client/readme.mdx index 660fce43d..a9c37c3b3 100644 --- a/website/src/app/kb/client-apps/linux-gui-client/readme.mdx +++ b/website/src/app/kb/client-apps/linux-gui-client/readme.mdx @@ -65,7 +65,7 @@ already work properly. from being auto-removed if Firezone is removed) 3. `sudo dnf install ./firezone-client-gui-*.rpm` 4. `sudo usermod -aG firezone-client $USER` -5. `sudo systemctl enable firezone-client-ipc.service` (See +5. `sudo systemctl enable firezone-client-tunnel.service` (See https://www.freedesktop.org/software/systemd/man/latest/systemd.preset.html, "It is not recommended to ship preset files within the respective software packages implementing the units". The Fedora family of distros also seem to @@ -153,12 +153,12 @@ To export or clear your logs: 1. Click `Diagnostic Logs`. 1. Click `Export Logs` or `Clear Log Directory`. -The IPC service (`firezone-client-ipc.service`) also logs to stdout which is -captured by systemd and sent to journald. To view the logs of the IPC service, +The Tunnel service (`firezone-client-tunnel.service`) also logs to stdout which is +captured by systemd and sent to journald. To view the logs of the Tunnel service, use: ```bash -journalctl --pager-end --follow --unit firezone-client-ipc.service +journalctl --pager-end --follow --unit firezone-client-tunnel.service ``` The GUI client logs to journald directly as well with the syslog identifier @@ -242,15 +242,15 @@ If the network interface stays up and DNS does not revert, you can try restarting the tunnel service. Quit the Firezone GUI, then run: ```bash -sudo systemctl restart firezone-client-ipc +sudo systemctl restart firezone-client-tunnel ``` ### Viewing logs -The Firezone Client is split into 2 main processes: An IPC service which runs +The Firezone Client is split into 2 main processes: A Tunnel service which runs the tunnel, and a GUI which allows the user to control Firezone. -- IPC service logs are stored at `/var/log/dev.firezone.client/` +- Tunnel service logs are stored at `/var/log/dev.firezone.client/` - GUI logs are stored at `$HOME/.cache/dev.firezone.client/data/logs/`, where `$HOME` is, e.g. `/home/username/` diff --git a/website/src/app/kb/client-apps/windows-gui-client/readme.mdx b/website/src/app/kb/client-apps/windows-gui-client/readme.mdx index f82f962b5..1089f92b2 100644 --- a/website/src/app/kb/client-apps/windows-gui-client/readme.mdx +++ b/website/src/app/kb/client-apps/windows-gui-client/readme.mdx @@ -127,13 +127,13 @@ To fix, perform these steps: `Settings -> Network and Internet -> Additional network settings -> Network Reset -> Reset now`. 3. Reinstall Firezone and any other software you previously uninstalled. -### Check if Firezone Client IPC service is running +### Check if Firezone Client Tunnel service is running In the Start Menu, search for "Windows Powershell". Open it and run this command: ```pwsh -Get-Service -Name FirezoneClientIpcService +Get-Service -Name FirezoneClientTunnelService ``` Good output @@ -202,10 +202,10 @@ Get-DnsClientNrptRule | where Comment -eq firezone-fd0020211111 | foreach { Remo ### Viewing logs -The Firezone Client is split into 2 main processes: An IPC service which runs +The Firezone Client is split into 2 main processes: A Tunnel service which runs the tunnel, and a GUI which allows the user to control Firezone. -- IPC service logs are stored at `%PROGRAMDATA%\dev.firezone.client\data\logs\`, +- Tunnel service logs are stored at `%PROGRAMDATA%\dev.firezone.client\data\logs\`, where `%PROGRAMDATA%` is almost always `C:\ProgramData` - GUI logs are stored at `%LOCALAPPDATA%\dev.firezone.client\data\logs`, where `%LOCALAPPDATA%` is, e.g. `C:\Users\username\AppData\Local` diff --git a/website/src/components/Changelog/GUI.tsx b/website/src/components/Changelog/GUI.tsx index 2eedae9d4..6a0a990ef 100644 --- a/website/src/components/Changelog/GUI.tsx +++ b/website/src/components/Changelog/GUI.tsx @@ -17,6 +17,18 @@ export default function GUI({ os }: { os: OS }) { Launching Firezone while it is already running while now re-activate the "Welcome" screen, allowing the user to sign in and out. + {os === OS.Windows && ( + + Renames the background service from `FirezoneClientIpcService` + to `FirezoneClientTunnelService`. + + )} + {os === OS.Linux && ( + + Renames the systemd service from `firezone-client-ipc.service` + to `firezone-client-tunnel.service`. + + )}