mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 18:18:55 +00:00
This splits off the easy parts from #3605.

- Add quotes around `PHOENIX_SECURE_COOKIES` because my local `docker-compose` considers unquoted 'false' to be a schema error
  - Env vars are strings or numbers, not bools, it says
- Create `test.httpbin.docker.local` container in a new subnet so it can be used as a DNS resource without the existing CIDR resource picking it up
- Add resources and policies to `seeds.exs` per #3342
- Fix warning about `CONNLIB_LOG_UPLOAD_INTERVAL_SECS` not being set
- Add `resolv-conf` dep and unit tests to `firezone-tunnel` and `firezone-linux-client`
- Impl `on_disconnect` in the Linux client with `tracing::error!`
- Add comments

```[tasklist]
- [x] (failed) Confirm that the client container actually does stop faster this way
- [x] Wait for tests to pass
- [x] Mark as ready for review
```
linux-client
This crate houses the Firezone Linux client.
Building
Assuming you have Rust installed, you can build the Linux client from a Linux host with:
cargo build --release --bin firezone-linux-client
You should then find a binary in target/release/firezone-linux-client.
Running
To run the Linux client:
- Generate a new Service account token from the "Actors -> Service Accounts" section of the admin portal and save it in your secrets manager. The Firezone Linux client requires a service account at this time.
- Ensure the `FIREZONE_TOKEN=<service_account_token>` environment variable is set securely in your client's shell environment. The client requires this variable at startup.
- Set `FIREZONE_ID` to a unique string to identify this client in the portal, e.g. `export FIREZONE_ID=$(uuidgen)`. The client requires this variable at startup.
- Set `LOG_DIR` to a suitable directory for writing logs:
  ```
  export LOG_DIR=/tmp/firezone-logs
  mkdir "$LOG_DIR"
  ```
- Now, you can start the client with:
./firezone-linux-client
If you're running as an unprivileged user, you'll need the CAP_NET_ADMIN
capability to open /dev/net/tun. You can add this to the client binary with:
sudo setcap 'cap_net_admin+eip' /path/to/firezone-linux-client
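
The run steps and the capability note above can be combined into one launcher that verifies each precondition before starting the client. This is an added example, not code from the Firezone repository; the token-file argument, the function names, and the presence of `getcap`, GNU `stat` and `uuidgen` on the host are assumptions.

```sh
#!/bin/sh
# Added example: pre-flight checks before starting the client.
# The token-file argument and all function names are assumptions.

# True only for a regular, non-symlink file with no group/other permission bits.
token_file_is_private() {
    [ -f "$1" ] && [ ! -L "$1" ] || return 1
    case "$(stat -c '%a' "$1" 2>/dev/null)" in   # GNU stat, e.g. "600"
        *00) return 0 ;;
        *) return 1 ;;
    esac
}

# Create LOG_DIR as 0700, or accept an existing one only if it is a real
# directory owned by us (in a shared /tmp another user can pre-create the path).
prepare_log_dir() {
    if [ -e "$1" ] || [ -L "$1" ]; then
        [ -d "$1" ] && [ ! -L "$1" ] && [ -O "$1" ] || return 1
    else
        mkdir -p -m 700 -- "$1" || return 1
    fi
    chmod 700 -- "$1"
}

# True if getcap output (passed as $1) lists cap_net_admin.
caps_include_net_admin() {
    case "$1" in *cap_net_admin*) return 0 ;; *) return 1 ;; esac
}

# usage: start_client <token-file> <path-to-firezone-linux-client>
start_client() {
    token_file_is_private "$1" ||
        { echo "token file must be private, e.g. chmod 600" >&2; return 1; }
    export LOG_DIR="${LOG_DIR:-/tmp/firezone-logs}"
    prepare_log_dir "$LOG_DIR" ||
        { echo "refusing to log to $LOG_DIR" >&2; return 1; }
    if [ "$(id -u)" -ne 0 ]; then   # unprivileged users need the file capability
        caps_include_net_admin "$(getcap "$2" 2>/dev/null)" ||
            { echo "cap_net_admin not set on $2" >&2; return 1; }
    fi
    export FIREZONE_ID="${FIREZONE_ID:-$(uuidgen)}"
    # Read the token inside this script's process, so it never sits in the
    # interactive shell's environment or history.
    FIREZONE_TOKEN=$(cat -- "$1") || return 1
    export FIREZONE_TOKEN
    exec "$2"
}

if [ "$#" -eq 2 ]; then start_client "$@"; fi
```

Run it as a script with the token file and the client binary as its two arguments; with no arguments it only defines the functions.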