github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 02:18:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(ci): use etc-resolv-conf as default in headless image (#10126)

Browse Source 
The headless client image we ship doesn't have systemd-resolved. By
default, if you try to run it without setting the `FIREZONE_DNS_CONTROL`
var, it will exit with an unhelpful error message that is difficult to
diagnose / debug for anyone unfamiliar to the inner workings of the
headless client:

```
Error: I/O error: No such file or directory (os error 2)

Caused by:
    No such file or directory (os error 2)

Stack backtrace:
   0: anyhow::error::<impl core::convert::From<E> for anyhow::Error>::from
   1: firezone_bin_shared::network_changes::imp::Worker::new_dbus::{{closure}}
   2: firezone_headless_client::main::{{closure}}
   3: tokio::runtime::runtime::Runtime::block_on
   4: firezone_headless_client::main
   5: std::sys::backtrace::__rust_begin_short_backtrace
   6: std::rt::lang_start::{{closure}}
   7: main
```

To fix this, we set `FIREZONE_DNS_CONTROL=etc-resolv-conf` for the user
inside our headless-client image.

---------

Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
This commit is contained in:
Jamil
2025-08-05 12:24:00 -04:00
committed by GitHub
parent a05067d410
commit 6ad10c8f39
4 changed files with 13 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
rust/Dockerfile
View File

@@ -27,11 +27,11 @@ COPY ./docker-init-relay.sh ./docker-init.sh
# Headless-client specific runtime base image
FROM runtime_base AS runtime_firezone-headless-client
COPY ./docker-init.sh ./docker-init.sh
COPY ./docker-init-client.sh ./docker-init.sh
# HTTP test server specific runtime base image
FROM runtime_base AS runtime_http-test-server
COPY ./docker-init.sh ./docker-init.sh
COPY ./docker-init-http-test-server.sh ./docker-init.sh
# Funnel package specific base image back into `runtime`
ARG PACKAGE

2
rust/docker-init.sh → rust/docker-init-client.sh
View File

@@ -5,4 +5,6 @@ if [ -f "${FIREZONE_TOKEN}" ]; then
export FIREZONE_TOKEN
fi
export FIREZONE_DNS_CONTROL=${FIREZONE_DNS_CONTROL:-"etc-resolv-conf"}
exec "$@"

3
rust/docker-init-http-test-server.sh Executable file
View File

@@ -0,0 +1,3 @@
#!/bin/sh
exec "$@"

7
website/src/components/Changelog/Headless.tsx
View File

@@ -9,7 +9,12 @@ export default function Headless({ os }: { os: OS }) {
return (
<Entries downloadLinks={downloadLinks(os)} title={title(os)}>
{/* When you cut a release, remove any solved issues from the "known issues" lists over in `client-apps`. This must not be done when the issue's PR merges. */}
<Unreleased></Unreleased>
<Unreleased>
<ChangeItem pull="10126">
Sets <code>FIREZONE_DNS_CONTROL=etc-resolv-conf</code> by default in
the headless client Docker image.
</ChangeItem>
</Unreleased>
<Entry version="1.5.2" date={new Date("2025-07-28")}>
<ChangeItem pull="9985">
Fixes an issue where control plane messages could be stuck forever on