github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(windows-client): proof of concept for installing a system service with WiX (#4903)

Browse Source 
```[tasklist]
### Before merging
- [x] Make sure the service auto-starts
- [x] Make the process idle and report its status to Windows properly using https://github.com/mullvad/windows-service-rs
- [x] DRY log dir code
- [x] Figure out where service logs will go and how the GUI will zip them
- [x] Make sure the service gets a shut down signal from Windows (this is hard to catch in the Tauri GUI)
- [x] Make sure the service restarts when Firezone is updated
- [x] Make sure the service is stopped and un-installed when Firezone is un-installed
- [x] Add test to install the MSI and check that the service runs
- [x] (will move to another PR) ~~Clean up function names~~
- [x] Make sure the Linux GUI was not broken by refactoring
```
This commit is contained in:
Reactor Scram
2024-05-13 09:08:21 -05:00
committed by GitHub
parent 0f112e0e69
commit 5814efc036
11 changed files with 533 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
rust/Cargo.lock generated
View File

@@ -1955,6 +1955,7 @@ dependencies = [
"git-version",
"humantime",
"ipconfig",
"known-folders",
"nix 0.28.0",
"resolv-conf",
"sd-notify",
@@ -1964,7 +1965,9 @@ dependencies = [
"tokio",
"tokio-util",
"tracing",
"tracing-subscriber",
"url",
"windows-service",
]
[[package]]
@@ -7535,6 +7538,17 @@ dependencies = [
"windows-targets 0.52.5",
]
[[package]]
name = "windows-service"
version = "0.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d24d6bcc7f734a4091ecf8d7a64c5f7d7066f45585c1861eba06449909609c8a"
dependencies = [
"bitflags 2.5.0",
"widestring",
"windows-sys 0.52.0",
]
[[package]]
name = "windows-sys"
version = "0.36.1"

2
rust/gui-client/docs/intended_behavior.md
View File

@@ -39,7 +39,7 @@ Best performed on a clean VM
1. Export the logs
1. Expect the zip file to start with "firezone_logs_"
1. Expect `zipinfo` to show a single directory in the root of the zip, to prevent zip bombing
1. Expect two subdirectories in the zip, "connlib", and "app", each with 3 files, totalling 6 files
1. Expect two subdirectories in the zip, "connlib", and "app", with 3 and 2 files respectively, totalling 5 files
## Settings tab

9
rust/gui-client/src-tauri/tauri.conf.json
View File

@@ -35,7 +35,14 @@
"icons/icon.png"
],
"publisher": "Firezone",
"shortDescription": "Firezone"
"shortDescription": "Firezone",
"windows": {
"wix": {
"componentRefs": ["FirezoneClientIpcService"],
"fragmentPaths": ["./win_files/service.wxs"],
"template": "./win_files/main.wxs"
}
}
},
"security": {
"csp": null

315
rust/gui-client/src-tauri/win_files/main.wxs Normal file
View File

@@ -0,0 +1,315 @@
<!-- Copied from https://github.com/tauri-apps/tauri/blob/1.x/tooling/bundler/src/bundle/windows/templates/main.wxs
Modified to not put the bin targets in Program Files since that messes up the ServiceInstall
component.
-->
<?if $(sys.BUILDARCH)="x86"?>
<?define Win64 = "no" ?>
<?define PlatformProgramFilesFolder = "ProgramFilesFolder" ?>
<?elseif $(sys.BUILDARCH)="x64"?>
<?define Win64 = "yes" ?>
<?define PlatformProgramFilesFolder = "ProgramFiles64Folder" ?>
<?else?>
<?error Unsupported value of sys.BUILDARCH=$(sys.BUILDARCH)?>
<?endif?>
<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi">
<Product
Id="*"
Name="{{product_name}}"
UpgradeCode="{{upgrade_code}}"
Language="!(loc.TauriLanguage)"
Manufacturer="{{manufacturer}}"
Version="{{version}}">
<Package Id="*"
Keywords="Installer"
InstallerVersion="450"
Languages="0"
Compressed="yes"
InstallScope="perMachine"
SummaryCodepage="!(loc.TauriCodepage)"/>
<!-- https://docs.microsoft.com/en-us/windows/win32/msi/reinstallmode -->
<!-- reinstall all files; rewrite all registry entries; reinstall all shortcuts -->
<Property Id="REINSTALLMODE" Value="amus" />
{{#if allow_downgrades}}
<MajorUpgrade Schedule="afterInstallInitialize" AllowDowngrades="yes" />
{{else}}
<MajorUpgrade Schedule="afterInstallInitialize" DowngradeErrorMessage="!(loc.DowngradeErrorMessage)" AllowSameVersionUpgrades="yes" />
{{/if}}
<InstallExecuteSequence>
<RemoveShortcuts>Installed AND NOT UPGRADINGPRODUCTCODE</RemoveShortcuts>
</InstallExecuteSequence>
<Media Id="1" Cabinet="app.cab" EmbedCab="yes" />
{{#if banner_path}}
<WixVariable Id="WixUIBannerBmp" Value="{{banner_path}}" />
{{/if}}
{{#if dialog_image_path}}
<WixVariable Id="WixUIDialogBmp" Value="{{dialog_image_path}}" />
{{/if}}
{{#if license}}
<WixVariable Id="WixUILicenseRtf" Value="{{license}}" />
{{/if}}
<Icon Id="ProductIcon" SourceFile="{{icon_path}}"/>
<Property Id="ARPPRODUCTICON" Value="ProductIcon" />
<Property Id="ARPNOREPAIR" Value="yes" Secure="yes" /> <!-- Remove repair -->
<SetProperty Id="ARPNOMODIFY" Value="1" After="InstallValidate" Sequence="execute"/>
<!-- initialize with previous InstallDir -->
<Property Id="INSTALLDIR">
<RegistrySearch Id="PrevInstallDirReg" Root="HKCU" Key="Software\\{{manufacturer}}\\{{product_name}}" Name="InstallDir" Type="raw"/>
</Property>
<!-- launch app checkbox -->
<Property Id="WIXUI_EXITDIALOGOPTIONALCHECKBOXTEXT" Value="!(loc.LaunchApp)" />
<Property Id="WIXUI_EXITDIALOGOPTIONALCHECKBOX" Value="1"/>
<Property Id="WixShellExecTarget" Value="[!Path]" />
<CustomAction Id="LaunchApplication" BinaryKey="WixCA" DllEntry="WixShellExec" Impersonate="yes" />
<UI>
<!-- launch app checkbox -->
<Publish Dialog="ExitDialog" Control="Finish" Event="DoAction" Value="LaunchApplication">WIXUI_EXITDIALOGOPTIONALCHECKBOX = 1 and NOT Installed</Publish>
<Property Id="WIXUI_INSTALLDIR" Value="INSTALLDIR" />
{{#unless license}}
<!-- Skip license dialog -->
<Publish Dialog="WelcomeDlg"
Control="Next"
Event="NewDialog"
Value="InstallDirDlg"
Order="2">1</Publish>
<Publish Dialog="InstallDirDlg"
Control="Back"
Event="NewDialog"
Value="WelcomeDlg"
Order="2">1</Publish>
{{/unless}}
</UI>
<UIRef Id="WixUI_InstallDir" />
<Directory Id="TARGETDIR" Name="SourceDir">
<Directory Id="DesktopFolder" Name="Desktop">
<Component Id="ApplicationShortcutDesktop" Guid="*">
<Shortcut Id="ApplicationDesktopShortcut" Name="{{product_name}}" Description="Runs {{product_name}}" Target="[!Path]" WorkingDirectory="INSTALLDIR" />
<RemoveFolder Id="DesktopFolder" On="uninstall" />
<RegistryValue Root="HKCU" Key="Software\\{{manufacturer}}\\{{product_name}}" Name="Desktop Shortcut" Type="integer" Value="1" KeyPath="yes" />
</Component>
</Directory>
<Directory Id="$(var.PlatformProgramFilesFolder)" Name="PFiles">
<Directory Id="INSTALLDIR" Name="{{product_name}}"/>
</Directory>
<Directory Id="ProgramMenuFolder">
<Directory Id="ApplicationProgramsFolder" Name="{{product_name}}"/>
</Directory>
</Directory>
<DirectoryRef Id="INSTALLDIR">
<Component Id="RegistryEntries" Guid="*">
<RegistryKey Root="HKCU" Key="Software\\{{manufacturer}}\\{{product_name}}">
<RegistryValue Name="InstallDir" Type="string" Value="[INSTALLDIR]" KeyPath="yes" />
</RegistryKey>
</Component>
<Component Id="Path" Guid="{{path_component_guid}}" Win64="$(var.Win64)">
<File Id="Path" Source="{{app_exe_source}}" KeyPath="yes" Checksum="yes"/>
</Component>
{{#each binaries as |bin| ~}}
<!--<Component Id="{{ bin.id }}" Guid="{{bin.guid}}" Win64="$(var.Win64)">
<File Id="Bin_{{ bin.id }}" Source="{{bin.path}}" KeyPath="yes"/>
</Component>-->
{{/each~}}
{{#if enable_elevated_update_task}}
<Component Id="UpdateTask" Guid="C492327D-9720-4CD5-8DB8-F09082AF44BE" Win64="$(var.Win64)">
<File Id="UpdateTask" Source="update.xml" KeyPath="yes" Checksum="yes"/>
</Component>
<Component Id="UpdateTaskInstaller" Guid="011F25ED-9BE3-50A7-9E9B-3519ED2B9932" Win64="$(var.Win64)">
<File Id="UpdateTaskInstaller" Source="install-task.ps1" KeyPath="yes" Checksum="yes"/>
</Component>
<Component Id="UpdateTaskUninstaller" Guid="D4F6CC3F-32DC-5FD0-95E8-782FFD7BBCE1" Win64="$(var.Win64)">
<File Id="UpdateTaskUninstaller" Source="uninstall-task.ps1" KeyPath="yes" Checksum="yes"/>
</Component>
{{/if}}
{{resources}}
<Component Id="CMP_UninstallShortcut" Guid="*">
<Shortcut Id="UninstallShortcut"
Name="Uninstall {{product_name}}"
Description="Uninstalls {{product_name}}"
Target="[System64Folder]msiexec.exe"
Arguments="/x [ProductCode]" />
<RemoveFolder Id="INSTALLDIR"
On="uninstall" />
<RegistryValue Root="HKCU"
Key="Software\\{{manufacturer}}\\{{product_name}}"
Name="Uninstaller Shortcut"
Type="integer"
Value="1"
KeyPath="yes" />
</Component>
</DirectoryRef>
<DirectoryRef Id="ApplicationProgramsFolder">
<Component Id="ApplicationShortcut" Guid="*">
<Shortcut Id="ApplicationStartMenuShortcut"
Name="{{product_name}}"
Description="Runs {{product_name}}"
Target="[!Path]"
Icon="ProductIcon"
WorkingDirectory="INSTALLDIR">
<ShortcutProperty Key="System.AppUserModel.ID" Value="{{bundle_id}}"/>
</Shortcut>
<RemoveFolder Id="ApplicationProgramsFolder" On="uninstall"/>
<RegistryValue Root="HKCU" Key="Software\\{{manufacturer}}\\{{product_name}}" Name="Start Menu Shortcut" Type="integer" Value="1" KeyPath="yes"/>
</Component>
</DirectoryRef>
{{#each merge_modules as |msm| ~}}
<DirectoryRef Id="TARGETDIR">
<Merge Id="{{ msm.name }}" SourceFile="{{ msm.path }}" DiskId="1" Language="!(loc.TauriLanguage)" />
</DirectoryRef>
<Feature Id="{{ msm.name }}" Title="{{ msm.name }}" AllowAdvertise="no" Display="hidden" Level="1">
<MergeRef Id="{{ msm.name }}"/>
</Feature>
{{/each~}}
<Feature
Id="MainProgram"
Title="Application"
Description="!(loc.InstallAppFeature)"
Level="1"
ConfigurableDirectory="INSTALLDIR"
AllowAdvertise="no"
Display="expand"
Absent="disallow">
<ComponentRef Id="RegistryEntries"/>
{{#each resource_file_ids as |resource_file_id| ~}}
<ComponentRef Id="{{ resource_file_id }}"/>
{{/each~}}
{{#if enable_elevated_update_task}}
<ComponentRef Id="UpdateTask" />
<ComponentRef Id="UpdateTaskInstaller" />
<ComponentRef Id="UpdateTaskUninstaller" />
{{/if}}
<Feature Id="ShortcutsFeature"
Title="Shortcuts"
Level="1">
<ComponentRef Id="Path"/>
<ComponentRef Id="CMP_UninstallShortcut" />
<ComponentRef Id="ApplicationShortcut" />
<ComponentRef Id="ApplicationShortcutDesktop" />
</Feature>
<Feature
Id="Environment"
Title="PATH Environment Variable"
Description="!(loc.PathEnvVarFeature)"
Level="1"
Absent="allow">
<ComponentRef Id="Path"/>
{{#each binaries as |bin| ~}}
<!--<ComponentRef Id="{{ bin.id }}"/>-->
{{/each~}}
</Feature>
</Feature>
<Feature Id="External" AllowAdvertise="no" Absent="disallow">
{{#each component_group_refs as |id| ~}}
<ComponentGroupRef Id="{{ id }}"/>
{{/each~}}
{{#each component_refs as |id| ~}}
<ComponentRef Id="{{ id }}"/>
{{/each~}}
{{#each feature_group_refs as |id| ~}}
<FeatureGroupRef Id="{{ id }}"/>
{{/each~}}
{{#each feature_refs as |id| ~}}
<FeatureRef Id="{{ id }}"/>
{{/each~}}
{{#each merge_refs as |id| ~}}
<MergeRef Id="{{ id }}"/>
{{/each~}}
</Feature>
{{#if install_webview}}
<!-- WebView2 -->
<Property Id="WVRTINSTALLED">
<RegistrySearch Id="WVRTInstalledSystem" Root="HKLM" Key="SOFTWARE\Microsoft\EdgeUpdate\Clients\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}" Name="pv" Type="raw" Win64="no" />
<RegistrySearch Id="WVRTInstalledUser" Root="HKCU" Key="SOFTWARE\Microsoft\EdgeUpdate\Clients\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}" Name="pv" Type="raw"/>
</Property>
{{#if download_bootstrapper}}
<CustomAction Id='DownloadAndInvokeBootstrapper' Directory="INSTALLDIR" Execute="deferred" ExeCommand='powershell.exe -NoProfile -windowstyle hidden try [\{] [\[]Net.ServicePointManager[\]]::SecurityProtocol = [\[]Net.SecurityProtocolType[\]]::Tls12 [\}] catch [\{][\}]; Invoke-WebRequest -Uri "https://go.microsoft.com/fwlink/p/?LinkId=2124703" -OutFile "$env:TEMP\MicrosoftEdgeWebview2Setup.exe" ; Start-Process -FilePath "$env:TEMP\MicrosoftEdgeWebview2Setup.exe" -ArgumentList ({{webview_installer_args}} &apos;/install&apos;) -Wait' Return='check'/>
<InstallExecuteSequence>
<Custom Action='DownloadAndInvokeBootstrapper' Before='InstallFinalize'>
<![CDATA[NOT(REMOVE OR WVRTINSTALLED)]]>
</Custom>
</InstallExecuteSequence>
{{/if}}
<!-- Embedded webview bootstrapper mode -->
{{#if webview2_bootstrapper_path}}
<Binary Id="MicrosoftEdgeWebview2Setup.exe" SourceFile="{{webview2_bootstrapper_path}}"/>
<CustomAction Id='InvokeBootstrapper' BinaryKey='MicrosoftEdgeWebview2Setup.exe' Execute="deferred" ExeCommand='{{webview_installer_args}} /install' Return='check' />
<InstallExecuteSequence>
<Custom Action='InvokeBootstrapper' Before='InstallFinalize'>
<![CDATA[NOT(REMOVE OR WVRTINSTALLED)]]>
</Custom>
</InstallExecuteSequence>
{{/if}}
<!-- Embedded offline installer -->
{{#if webview2_installer_path}}
<Binary Id="MicrosoftEdgeWebView2RuntimeInstaller.exe" SourceFile="{{webview2_installer_path}}"/>
<CustomAction Id='InvokeStandalone' BinaryKey='MicrosoftEdgeWebView2RuntimeInstaller.exe' Execute="deferred" ExeCommand='{{webview_installer_args}} /install' Return='check' />
<InstallExecuteSequence>
<Custom Action='InvokeStandalone' Before='InstallFinalize'>
<![CDATA[NOT(REMOVE OR WVRTINSTALLED)]]>
</Custom>
</InstallExecuteSequence>
{{/if}}
{{/if}}
{{#if enable_elevated_update_task}}
<!-- Install an elevated update task within Windows Task Scheduler -->
<CustomAction
Id="CreateUpdateTask"
Return="check"
Directory="INSTALLDIR"
Execute="commit"
Impersonate="yes"
ExeCommand="powershell.exe -WindowStyle hidden .\install-task.ps1" />
<InstallExecuteSequence>
<Custom Action='CreateUpdateTask' Before='InstallFinalize'>
NOT(REMOVE)
</Custom>
</InstallExecuteSequence>
<!-- Remove elevated update task during uninstall -->
<CustomAction
Id="DeleteUpdateTask"
Return="check"
Directory="INSTALLDIR"
ExeCommand="powershell.exe -WindowStyle hidden .\uninstall-task.ps1" />
<InstallExecuteSequence>
<Custom Action="DeleteUpdateTask" Before='InstallFinalize'>
(REMOVE = "ALL") AND NOT UPGRADINGPRODUCTCODE
</Custom>
</InstallExecuteSequence>
{{/if}}
<SetProperty Id="ARPINSTALLLOCATION" Value="[INSTALLDIR]" After="CostFinalize"/>
</Product>
</Wix>

23
rust/gui-client/src-tauri/win_files/service.wxs Normal file
View File

@@ -0,0 +1,23 @@
<?xml version="1.0" encoding="utf-8"?>
<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi">
<Fragment>
<DirectoryRef Id="INSTALLDIR">
<Component Id="FirezoneClientIpcService" Guid="a8092ff9-30fa-48bb-9b2d-45fe39d16c66">
<File Id="FirezoneClientIpcServiceExe" Name="firezone-client-ipc.exe" Source="../../firezone-client-ipc.exe" KeyPath="yes" />
<ServiceInstall
Id="FirezoneClientServiceInstaller"
Arguments="ipc-service"
Type="ownProcess"
Vital="yes"
Name="FirezoneClientIpcService"
DisplayName="Firezone Client IPC"
Start="auto"
Account="LocalSystem"
ErrorControl="normal"
Interactive="no">
</ServiceInstall>
<ServiceControl Id="FirezoneClientServiceControl" Start="install" Stop="both" Remove="both" Name="FirezoneClientIpcService" Wait="yes" />
</Component>
</DirectoryRef>
</Fragment>
</Wix>

3
rust/headless-client/Cargo.toml
View File

@@ -37,6 +37,9 @@ dirs = "5.0.1"
[target.'cfg(target_os = "windows")'.dependencies]
ipconfig = "0.3.2"
known-folders = "1.1.0"
tracing-subscriber = { version = "0.3.17", features = ["env-filter"] }
windows-service = "0.7.0"
[lints]
workspace = true

17
rust/headless-client/src/imp_linux.rs
View File

@@ -63,8 +63,12 @@ pub fn default_token_path() -> PathBuf {
.join("token")
}
/// Only called from the GUI Client's build of the IPC service
///
/// On Linux this is the same as running with `ipc-service`
pub fn run_only_ipc_service() -> Result<()> {
let cli = Cli::parse();
// systemd supplies this but maybe we should hard-code a better default
let (layer, _handle) = cli.log_dir.as_deref().map(file_logger::layer).unzip();
setup_global_subscriber(layer);
tracing::info!(git_version = crate::GIT_VERSION);
@@ -72,7 +76,9 @@ pub fn run_only_ipc_service() -> Result<()> {
if !nix::unistd::getuid().is_root() {
anyhow::bail!("This is the IPC service binary, it's not meant to run interactively.");
}
run_ipc_service(cli)
let rt = tokio::runtime::Runtime::new()?;
let (_shutdown_tx, shutdown_rx) = mpsc::channel(1);
run_ipc_service(cli, rt, shutdown_rx)
}
pub(crate) fn check_token_permissions(path: &Path) -> Result<()> {
@@ -178,9 +184,12 @@ pub fn sock_path() -> PathBuf {
.join("ipc.sock")
}
pub(crate) fn run_ipc_service(cli: Cli) -> Result<()> {
let rt = tokio::runtime::Runtime::new()?;
tracing::info!("run_daemon");
pub(crate) fn run_ipc_service(
cli: Cli,
rt: tokio::runtime::Runtime,
_shutdown_rx: mpsc::Receiver<()>,
) -> Result<()> {
tracing::info!("run_ipc_service");
rt.block_on(async { ipc_listen(cli).await })
}

138
rust/headless-client/src/imp_windows.rs
View File

@@ -1,13 +1,28 @@
use crate::Cli;
use anyhow::Result;
use anyhow::{Context as _, Result};
use clap::Parser;
use connlib_client_shared::file_logger;
use firezone_cli_utils::setup_global_subscriber;
use std::{
ffi::OsString,
net::IpAddr,
path::{Path, PathBuf},
str::FromStr,
task::{Context, Poll},
time::Duration,
};
use tokio::sync::mpsc;
use tracing::subscriber::set_global_default;
use tracing_subscriber::{layer::SubscriberExt as _, EnvFilter, Layer, Registry};
use windows_service::{
service::{
ServiceControl, ServiceControlAccept, ServiceExitCode, ServiceState, ServiceStatus,
ServiceType,
},
service_control_handler::{self, ServiceControlHandlerResult},
};
const SERVICE_NAME: &str = "firezone_client_ipc";
const SERVICE_TYPE: ServiceType = ServiceType::OWN_PROCESS;
pub(crate) struct Signals {
sigint: tokio::signal::windows::CtrlC,
@@ -39,18 +54,119 @@ pub(crate) fn default_token_path() -> std::path::PathBuf {
PathBuf::from("token.txt")
}
/// Only called from the GUI Client's build of the IPC service
///
/// On Windows, this is wrapped specially so that Windows' service controller
/// can launch it.
pub fn run_only_ipc_service() -> Result<()> {
let cli = Cli::parse();
let (layer, _handle) = cli.log_dir.as_deref().map(file_logger::layer).unzip();
setup_global_subscriber(layer);
tracing::info!(git_version = crate::GIT_VERSION);
run_ipc_service(cli)
windows_service::service_dispatcher::start(SERVICE_NAME, ffi_service_run)?;
Ok(())
}
pub(crate) fn run_ipc_service(_cli: Cli) -> Result<()> {
// TODO: Process split on Windows
todo!()
// Generates `ffi_service_run` from `service_run`
windows_service::define_windows_service!(ffi_service_run, windows_service_run);
fn windows_service_run(_arguments: Vec<OsString>) {
if let Err(_e) = fallible_windows_service_run() {
todo!();
}
}
#[cfg(debug_assertions)]
const SERVICE_RUST_LOG: &str = "debug";
#[cfg(not(debug_assertions))]
const SERVICE_RUST_LOG: &str = "info";
// Most of the Windows-specific service stuff should go here
fn fallible_windows_service_run() -> Result<()> {
let cli = Cli::parse();
let log_path =
crate::known_dirs::imp::ipc_service_logs().context("Can't compute IPC service logs dir")?;
std::fs::create_dir_all(&log_path)?;
let (layer, _handle) = file_logger::layer(&log_path);
let filter = EnvFilter::from_str(SERVICE_RUST_LOG)?;
let subscriber = Registry::default().with(layer.with_filter(filter));
set_global_default(subscriber)?;
tracing::info!(git_version = crate::GIT_VERSION);
let rt = tokio::runtime::Runtime::new()?;
let (shutdown_tx, shutdown_rx) = mpsc::channel(1);
let event_handler = move |control_event| -> ServiceControlHandlerResult {
tracing::debug!(?control_event);
match control_event {
// TODO
ServiceControl::Interrogate => ServiceControlHandlerResult::NoError,
ServiceControl::Stop => {
tracing::info!("Got stop signal from service controller");
shutdown_tx.blocking_send(()).unwrap();
ServiceControlHandlerResult::NoError
}
ServiceControl::UserEvent(_) => ServiceControlHandlerResult::NoError,
ServiceControl::Continue
| ServiceControl::NetBindAdd
| ServiceControl::NetBindDisable
| ServiceControl::NetBindEnable
| ServiceControl::NetBindRemove
| ServiceControl::ParamChange
| ServiceControl::Pause
| ServiceControl::Preshutdown
| ServiceControl::Shutdown
| ServiceControl::HardwareProfileChange(_)
| ServiceControl::PowerEvent(_)
| ServiceControl::SessionChange(_)
| ServiceControl::TimeChange
| ServiceControl::TriggerEvent => ServiceControlHandlerResult::NotImplemented,
_ => ServiceControlHandlerResult::NotImplemented,
}
};
// Tell Windows that we're running (equivalent to sd_notify in systemd)
let status_handle = service_control_handler::register(SERVICE_NAME, event_handler)?;
status_handle.set_service_status(ServiceStatus {
service_type: SERVICE_TYPE,
current_state: ServiceState::Running,
controls_accepted: ServiceControlAccept::STOP | ServiceControlAccept::SHUTDOWN,
exit_code: ServiceExitCode::Win32(0),
checkpoint: 0,
wait_hint: Duration::default(),
process_id: None,
})?;
run_ipc_service(cli, rt, shutdown_rx)?;
// Tell Windows that we're stopping
status_handle.set_service_status(ServiceStatus {
service_type: SERVICE_TYPE,
current_state: ServiceState::Stopped,
controls_accepted: ServiceControlAccept::empty(),
exit_code: ServiceExitCode::Win32(0),
checkpoint: 0,
wait_hint: Duration::default(),
process_id: None,
})?;
Ok(())
}
/// Common entry point for both the Windows-wrapped IPC service and the debug IPC service
///
/// Running as a Windows service is complicated, so to make debugging easier
/// we'll have a dev-only mode that runs all the IPC code as a normal process
/// in an admin console.
pub(crate) fn run_ipc_service(
cli: Cli,
rt: tokio::runtime::Runtime,
shutdown_rx: mpsc::Receiver<()>,
) -> Result<()> {
tracing::info!("run_ipc_service");
rt.block_on(async { ipc_listen(cli, shutdown_rx).await })
}
async fn ipc_listen(_cli: Cli, mut shutdown_rx: mpsc::Receiver<()>) -> Result<()> {
shutdown_rx.recv().await;
Ok(())
}
pub fn system_resolvers() -> Result<Vec<IpAddr>> {

15
rust/headless-client/src/known_dirs.rs
View File

@@ -10,7 +10,7 @@
pub use imp::{logs, runtime, session, settings};
#[cfg(any(target_os = "linux", target_os = "macos"))]
mod imp {
pub mod imp {
use connlib_shared::BUNDLE_ID;
use std::path::PathBuf;
@@ -47,9 +47,20 @@ mod imp {
}
#[cfg(target_os = "windows")]
mod imp {
pub mod imp {
use connlib_shared::BUNDLE_ID;
use known_folders::{get_known_folder_path, KnownFolder};
use std::path::PathBuf;
pub fn ipc_service_logs() -> Option<PathBuf> {
Some(
get_known_folder_path(KnownFolder::ProgramData)?
.join(BUNDLE_ID)
.join("data")
.join("logs"),
)
}
/// e.g. `C:\Users\Alice\AppData\Local\dev.firezone.client\data\logs`
///
/// See connlib docs for details

18
rust/headless-client/src/lib.rs
View File

@@ -165,15 +165,20 @@ pub fn run() -> Result<()> {
tracing::info!(git_version = crate::GIT_VERSION);
let rt = tokio::runtime::Builder::new_current_thread()
.enable_all()
.build()?;
let (_shutdown_tx, shutdown_rx) = mpsc::channel(1);
match cli.command() {
Cmd::Auto => {
if let Some(token) = get_token(token_env_var, &cli)? {
run_standalone(cli, &token)
run_standalone(cli, rt, &token)
} else {
imp::run_ipc_service(cli)
imp::run_ipc_service(cli, rt, shutdown_rx)
}
}
Cmd::IpcService => imp::run_ipc_service(cli),
Cmd::IpcService => imp::run_ipc_service(cli, rt, shutdown_rx),
Cmd::Standalone => {
let token = get_token(token_env_var, &cli)?.with_context(|| {
format!(
@@ -181,7 +186,7 @@ pub fn run() -> Result<()> {
cli.token_path
)
})?;
run_standalone(cli, &token)
run_standalone(cli, rt, &token)
}
}
}
@@ -193,11 +198,8 @@ enum SignalKind {
Interrupt,
}
fn run_standalone(cli: Cli, token: &SecretString) -> Result<()> {
fn run_standalone(cli: Cli, rt: tokio::runtime::Runtime, token: &SecretString) -> Result<()> {
tracing::info!("Running in standalone mode");
let rt = tokio::runtime::Builder::new_current_thread()
.enable_all()
.build()?;
let _guard = rt.enter();
// TODO: Should this default to 30 days?
let max_partition_time = cli.max_partition_time.map(|d| d.into());

6
scripts/build/tauri-rename-windows.sh
View File

@@ -17,3 +17,9 @@ function make_hash() {
make_hash "$BINARY_DEST_PATH.exe"
make_hash "$BINARY_DEST_PATH.msi"
make_hash "$BINARY_DEST_PATH.pdb"
# Test-install the MSI package, since it already exists here
msiexec //i "$BINARY_DEST_PATH.msi" //log install.log //qn
# For debugging
cat install.log
sc query FirezoneClientIpcService | grep RUNNING