From 493716ab6b471561062a9e930cd8c6c378c06136 Mon Sep 17 00:00:00 2001
From: Reactor Scram
Date: Mon, 15 Apr 2024 13:33:30 -0500
Subject: [PATCH] refactor(headless-client): change CLI args for the IPC daemon (#4604)
Closes #4515
---
 docker-compose.yml | 1 +
 rust/headless-client/Cargo.toml | 2 +-
 rust/headless-client/README.md | 2 +-
 rust/headless-client/src/lib.rs | 25 +++++++++++++++++++------
 rust/headless-client/src/linux.rs | 11 +++++------
 5 files changed, 27 insertions(+), 14 deletions(-)
diff --git a/docker-compose.yml b/docker-compose.yml
index 9fe773f59..7fdc83f8b 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -297,6 +297,7 @@ services:
 args:
 # TODO: Fix after #4516 lands
 PACKAGE: firezone-linux-client
+ # Add "standalone" to the command here once PR $4604 merges
 image: ${CLIENT_IMAGE:-us-east1-docker.pkg.dev/firezone-staging/firezone/dev/client}:${CLIENT_TAG:-main}
 cap_add:
 - NET_ADMIN
diff --git a/rust/headless-client/Cargo.toml b/rust/headless-client/Cargo.toml
index 07a1c88db..391908d06 100644
--- a/rust/headless-client/Cargo.toml
+++ b/rust/headless-client/Cargo.toml
@@ -25,8 +25,8 @@ firezone-cli-utils = { workspace = true }
 futures = "0.3.30"
 nix = { version = "0.28.0", features = ["user"] }
 resolv-conf = "0.7.0"
-secrecy = { workspace = true }
 serde_json = "1.0.115"
+secrecy = { workspace = true }
 tokio-util = { version = "0.7.10", features = ["codec"] }
 tracing = { workspace = true }
diff --git a/rust/headless-client/README.md b/rust/headless-client/README.md
index df1aabbe0..780ad20f6 100644
--- a/rust/headless-client/README.md
+++ b/rust/headless-client/README.md
@@ -28,7 +28,7 @@ To run the headless Client:
 1. Now, you can start the client with:
 ```
-./firezone-headless-client
+./firezone-headless-client standalone
 ```
 If you're running as an unprivileged user, you'll need the `CAP_NET_ADMIN`
diff --git a/rust/headless-client/src/lib.rs b/rust/headless-client/src/lib.rs
index 2d0fa4ad2..0ccfce3f9 100644
--- a/rust/headless-client/src/lib.rs
+++ b/rust/headless-client/src/lib.rs
@@ -21,7 +21,8 @@ mod windows {
 use clap::Parser;
 pub async fn run() -> anyhow::Result<()> {
- let _cli = super::Cli::parse();
+ let cli = super::Cli::parse();
+ let _cmd = cli.command();
 Ok(())
 }
 }
@@ -32,11 +33,8 @@ pub use windows::run;
 #[derive(clap::Parser)]
 #[command(author, version, about, long_about = None)]
 struct Cli {
- /// Don't act as a CLI Client, act as a tunnel for a GUI Client
- ///
- /// This is not supported and will change in the near future.
- #[arg(long, hide = true, default_value = "false")]
- pub act_as_tunnel: bool,
+ #[command(subcommand)]
+ command: Option,
 #[arg(
 short = 'u',
@@ -71,3 +69,18 @@ struct Cli {
 #[arg(short, long, env = "MAX_PARTITION_TIME")]
 max_partition_time: Option,
 }
+
+impl Cli {
+ fn command(&self) -> Cmd {
+ // Needed for backwards compatibility with old Docker images
+ self.command.unwrap_or(Cmd::Standalone)
+ }
+}
+
+#[derive(clap::Subcommand, Clone, Copy)]
+enum Cmd {
+ /// Listen for IPC connections and act as a privileged tunnel process for a GUI client
+ Daemon,
+ /// Act as a CLI-only Client, don't listen for IPC connections
+ Standalone,
+}
diff --git a/rust/headless-client/src/linux.rs b/rust/headless-client/src/linux.rs
index 5b875fe46..602485b4d 100644
--- a/rust/headless-client/src/linux.rs
+++ b/rust/headless-client/src/linux.rs
@@ -1,4 +1,4 @@
-use super::Cli;
+use super::{Cli, Cmd};
 use anyhow::{Context, Result};
 use clap::Parser;
 use connlib_client_shared::{file_logger, Callbacks, Session, Sockets};
@@ -28,10 +28,9 @@ pub async fn run() -> Result<()> {
 let (layer, _handle) = cli.log_dir.as_deref().map(file_logger::layer).unzip();
 setup_global_subscriber(layer);
- if cli.act_as_tunnel {
- run_tunnel(cli).await
- } else {
- run_standalone(cli).await
+ match cli.command() {
+ Cmd::Daemon => run_daemon(cli).await,
+ Cmd::Standalone => run_standalone(cli).await,
 }
 }
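Review bot: The `Daemon` variant of `enum Cmd` is now listed in the help output, whereas the `act_as_tunnel` flag it replaces (removed in the `struct Cli` hunk) was declared with `hide = true` and documented as "not supported". If the IPC daemon is still not meant for end users, keep it out of the help text with `#[command(hide = true)]` on the variant, or carry the unsupported caveat into its doc comment. The fallback to `Cmd::Standalone` in `Cli::command()` is the safe default, since that mode is documented as not listening for IPC connections; extending the existing comment to say so would protect it, e.g. `// Default must stay Standalone: a bare invocation should never start the IPC listener`.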
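Review bot: `Cmd::Daemon => run_daemon(cli).await` passes the whole `Cli` to a function whose parameter is named `_cli` (see the `run_daemon` hunk further down), so every top-level option other than `log_dir`, which is consumed just above the `match`, is still accepted in daemon mode and appears to go unused. For a process that the `Cmd::Daemon` doc comment calls privileged, options that are accepted but do nothing deserve a note; a comment here such as `// run_daemon ignores the standalone-only options on Cli; move them under Cmd::Standalone once the daemon has its own arguments` would record the intent. Now that the daemon is a documented subcommand, a doc comment on `run_daemon` stating who is expected to connect to the `dev.firezone.client_ipc` socket path it builds under `dirs::runtime_dir()` would also help. The body of `run` starts above this hunk.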
@@ -175,7 +174,7 @@ fn parse_resolvectl_output(s: &str) -> Vec {
 .collect()
 }
-async fn run_tunnel(_cli: Cli) -> Result<()> {
+async fn run_daemon(_cli: Cli) -> Result<()> {
 let sock_path = dirs::runtime_dir()
 .context("Failed to get `runtime_dir`")?
 .join("dev.firezone.client_ipc");