diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 9206ecb..aea8672 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -3,10 +3,13 @@ "build": { "dockerfile": "Dockerfile" }, - "runArgs": [ "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ], - + "runArgs": [ + "--cap-add=SYS_PTRACE", + "--security-opt", + "seccomp=unconfined" + ], // Set *default* container specific settings.json values on container create. - "settings": { + "settings": { "terminal.integrated.shell.linux": "/bin/bash", "lldb.executable": "/usr/bin/lldb", // VS Code don't watch files under ./target @@ -14,22 +17,20 @@ "**/target/**": true } }, - // Add the IDs of extensions you want installed when the container is created. "extensions": [ - "rust-lang.rust", "bungcip.better-toml", "vadimcn.vscode-lldb", - "mutantdino.resourcemonitor", + "serayuzgur.crates", + "editorconfig.editorconfig", + "swellaby.vscode-rust-test-adapter", + "matklad.rust-analyzer", "asciidoctor.asciidoctor-vscode" ], - // Use 'forwardPorts' to make a list of ports inside the container available locally. // "forwardPorts": [], - // Use 'postCreateCommand' to run commands after the container is created. // "postCreateCommand": "rustc --version", - // Comment out connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root. "remoteUser": "vscode" -} +} \ No newline at end of file diff --git a/.github/actions/build-deb/Dockerfile b/.github/actions/build-deb/Dockerfile index 8d6e99e..c2e0889 100644 --- a/.github/actions/build-deb/Dockerfile +++ b/.github/actions/build-deb/Dockerfile @@ -11,9 +11,7 @@ RUN apt-get update \ libc6-dev-i386 \ gcc-5-multilib \ asciidoctor \ - && rm -rf /var/cache/dpkg - -RUN ln -s asm-generic/ /usr/include/asm + && apt-get clean && rm -rf /var/lib/apt/lists/* ADD entrypoint.sh /entrypoint.sh diff --git a/.github/actions/build-deb/action.yml b/.github/actions/build-deb/action.yml index 9840a23..cab58f3 100644 --- a/.github/actions/build-deb/action.yml +++ b/.github/actions/build-deb/action.yml @@ -1,11 +1,5 @@ name: 'build-deb' description: 'Create deb packages' -inputs: - rust: - description: Rust version - default: 'stable' runs: using: 'docker' image: 'Dockerfile' - env: - RUST: ${{ inputs.rust }} diff --git a/.github/actions/build-deb/entrypoint.sh b/.github/actions/build-deb/entrypoint.sh index df7ee65..166a9c1 100755 --- a/.github/actions/build-deb/entrypoint.sh +++ b/.github/actions/build-deb/entrypoint.sh @@ -2,7 +2,14 @@ set -e -curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain ${RUST} +TOOLCHAIN=$(grep -e '^toolchain =' Cargo.toml | sed -e 's/toolchain = "\(.*\)"/\1/') + +VERSION=$(grep -e '^version =' Cargo.toml | sed -e 's/version = "\(.*\)"/\1/') +DEB_VERSION=$(echo "$VERSION" | sed -e 's/-/~/g') + +ln -s asm-generic/ /usr/include/asm + +curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain ${TOOLCHAIN} source $HOME/.cargo/env rustup target add i686-unknown-linux-gnu @@ -11,22 +18,18 @@ rustup target add aarch64-unknown-linux-gnu cargo install cargo-deb -VERSION=$(grep -e '^version =' Cargo.toml | sed -e 's/version = "\(.*\)"/\1/') -DEB_VERSION=$(echo "$VERSION" | sed -e 's/-/~/g') - mkdir dist +build_deb() { + ARCH=$1 + TARGET=$2 + cargo deb --target ${TARGET} + cp target/${TARGET}/debian/vpncloud_${DEB_VERSION}_${ARCH}.deb dist/vpncloud_${DEB_VERSION}_${ARCH}.deb +} + cargo deb cp target/debian/vpncloud_${DEB_VERSION}_amd64.deb dist/vpncloud_${DEB_VERSION}_amd64.deb -# i386 deb -cargo deb --target i686-unknown-linux-gnu -cp target/i686-unknown-linux-gnu/debian/vpncloud_${DEB_VERSION}_i386.deb dist/vpncloud_${DEB_VERSION}_i386.deb - -# arm7hf deb -cargo deb --target armv7-unknown-linux-gnueabihf -cp target/armv7-unknown-linux-gnueabihf/debian/vpncloud_${DEB_VERSION}_armhf.deb dist/vpncloud_${DEB_VERSION}_armhf.deb - -# aarch64 deb -cargo deb --target aarch64-unknown-linux-gnu -cp target/aarch64-unknown-linux-gnu/debian/vpncloud_${DEB_VERSION}_arm64.deb dist/vpncloud_${DEB_VERSION}_arm64.deb \ No newline at end of file +build_deb i386 i686-unknown-linux-gnu +build_deb armhf armv7-unknown-linux-gnueabihf +build_deb arm64 aarch64-unknown-linux-gnu \ No newline at end of file diff --git a/.github/actions/build-rpm/Dockerfile b/.github/actions/build-rpm/Dockerfile index e2ce6f7..375c652 100644 --- a/.github/actions/build-rpm/Dockerfile +++ b/.github/actions/build-rpm/Dockerfile @@ -2,6 +2,9 @@ FROM centos:7 RUN yum groupinstall -y 'Development Tools' RUN yum install -y ruby && gem install asciidoctor -v 2.0.10 +RUN yum install -y libstdc++-*.i686 \ + && yum install -y glibc-*.i686 \ + && yum install -y libgcc.i686 ADD entrypoint.sh /entrypoint.sh diff --git a/.github/actions/build-rpm/action.yml b/.github/actions/build-rpm/action.yml index 9840a23..cab58f3 100644 --- a/.github/actions/build-rpm/action.yml +++ b/.github/actions/build-rpm/action.yml @@ -1,11 +1,5 @@ name: 'build-deb' description: 'Create deb packages' -inputs: - rust: - description: Rust version - default: 'stable' runs: using: 'docker' image: 'Dockerfile' - env: - RUST: ${{ inputs.rust }} diff --git a/.github/actions/build-rpm/entrypoint.sh b/.github/actions/build-rpm/entrypoint.sh index 221fa29..15410b8 100755 --- a/.github/actions/build-rpm/entrypoint.sh +++ b/.github/actions/build-rpm/entrypoint.sh @@ -2,13 +2,7 @@ set -e -curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain ${RUST} -source $HOME/.cargo/env - -rustup target add i686-unknown-linux-gnu -rustup target add armv7-unknown-linux-gnueabihf - -cargo install cargo-rpm +TOOLCHAIN=$(grep -e '^toolchain =' Cargo.toml | sed -e 's/toolchain = "\(.*\)"/\1/') VERSION=$(grep -e '^version =' Cargo.toml | sed -e 's/version = "\(.*\)"/\1/') if echo "$VERSION" | fgrep -q "-"; then @@ -17,8 +11,31 @@ else RPM_VERSION="$VERSION-1" fi +curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain ${TOOLCHAIN} +source $HOME/.cargo/env + +rustup target add i686-unknown-linux-gnu +rustup target add armv7-unknown-linux-gnueabihf + +cargo install cargo-rpm + mkdir dist cargo build --release cargo rpm build cp target/release/rpmbuild/RPMS/x86_64/vpncloud-${RPM_VERSION}.x86_64.rpm dist/vpncloud_${RPM_VERSION}.x86_64.rpm + + +build_rpm() { + ARCH=$1 + TARGET=$2 + if ! [ -f dist/vpncloud_${RPM_VERSION}.${ARCH}.rpm ]; then + mkdir -p target + [ -L target/assets ] || ln -s ../assets target/assets + [ -L target/target ] || ln -s ../target target/target + cargo rpm build --target ${TARGET} + cp target/${TARGET}/release/rpmbuild/RPMS/${ARCH}/vpncloud-${RPM_VERSION}.${ARCH}.rpm dist/vpncloud_${RPM_VERSION}.${ARCH}.rpm + fi +} + +build_rpm i686 i686-unknown-linux-gnu \ No newline at end of file diff --git a/.github/actions/build-static/Dockerfile b/.github/actions/build-static/Dockerfile new file mode 100644 index 0000000..ed488af --- /dev/null +++ b/.github/actions/build-static/Dockerfile @@ -0,0 +1,19 @@ +FROM ubuntu:16.04 + +RUN apt-get update \ + && apt-get install -y --no-install-recommends \ + build-essential \ + curl \ + gcc-aarch64-linux-gnu \ + gcc-arm-linux-gnueabihf \ + libc6-dev-arm64-cross \ + libc6-dev-armhf-cross \ + libc6-dev-i386 \ + gcc-5-multilib \ + asciidoctor \ + musl musl-dev musl-tools \ + && apt-get clean && rm -rf /var/lib/apt/lists/* + +ADD entrypoint.sh /entrypoint.sh + +ENTRYPOINT /entrypoint.sh diff --git a/.github/actions/build-static/action.yml b/.github/actions/build-static/action.yml new file mode 100644 index 0000000..54fea70 --- /dev/null +++ b/.github/actions/build-static/action.yml @@ -0,0 +1,5 @@ +name: 'build-static' +description: 'Create static binaries' +runs: + using: 'docker' + image: 'Dockerfile' diff --git a/.github/actions/build-static/entrypoint.sh b/.github/actions/build-static/entrypoint.sh new file mode 100755 index 0000000..4bc0ac3 --- /dev/null +++ b/.github/actions/build-static/entrypoint.sh @@ -0,0 +1,37 @@ +#!/bin/bash + +set -e + +TOOLCHAIN=$(grep -e '^toolchain =' Cargo.toml | sed -e 's/toolchain = "\(.*\)"/\1/') +UPX_VERSION=$(grep -e '^upx_version =' Cargo.toml | sed -e 's/upx_version = "\(.*\)"/\1/') + +VERSION=$(grep -e '^version =' Cargo.toml | sed -e 's/version = "\(.*\)"/\1/') +DEB_VERSION=$(echo "$VERSION" | sed -e 's/-/~/g') + +ln -s asm-generic/ /usr/include/asm +ln -s /usr/bin/aarch64-linux-gnu-gcc /usr/bin/aarch64-linux-musl-gcc +ln -s /usr/bin/arm-linux-gnueabihf-gcc /usr/bin/arm-linux-musleabihf-gcc + +curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain ${TOOLCHAIN} +source $HOME/.cargo/env + +rustup target add x86_64-unknown-linux-musl +rustup target add i686-unknown-linux-musl +rustup target add armv7-unknown-linux-musleabihf +rustup target add aarch64-unknown-linux-musl + +curl https://github.com/upx/upx/releases/download/v${UPX_VERSION}/upx-${UPX_VERSION}-amd64_linux.tar.xz -Lf | tar -xJ --strip-components=1 -C /opt/rust/cargo/bin + +mkdir dist + +build_static() { + ARCH=$1 + TARGET=$2 + cargo build --release --features installer --target ${TARGET} && upx --lzma target/${TARGET}/release/vpncloud + cp target/${TARGET}/release/vpncloud ../dist/vpncloud_${VERSION}_static_${ARCH} +} + +build_static amd64 x86_64-unknown-linux-musl +#build_static i386 i686-unknown-linux-musl +build_static armhf armv7-unknown-linux-musleabihf +build_static arm64 aarch64-unknown-linux-musl \ No newline at end of file diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml index 84a459f..e45528b 100644 --- a/.github/workflows/package.yml +++ b/.github/workflows/package.yml @@ -10,8 +10,6 @@ jobs: - uses: actions/checkout@v2 - name: Run builder uses: ./.github/actions/build-deb - with: - rust: '1.50.0' - name: Archive artifacts uses: actions/upload-artifact@v1 with: @@ -30,8 +28,6 @@ jobs: - uses: actions/checkout@v2 - name: Run builder uses: ./.github/actions/build-rpm - with: - rust: '1.50.0' - name: Archive artifacts uses: actions/upload-artifact@v1 with: @@ -43,3 +39,21 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: args: 'dist/*.rpm' + static: + name: "Build static binaries" + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Run builder + uses: ./.github/actions/build-static + - name: Archive artifacts + uses: actions/upload-artifact@v1 + with: + name: packages + path: dist + - name: Upload artifacts + uses: skx/github-action-publish-binaries@master + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + args: 'dist/*' \ No newline at end of file diff --git a/.rpm/vpncloud.spec b/.rpm/vpncloud.spec index 9c9e8fb..2dbdc77 100644 --- a/.rpm/vpncloud.spec +++ b/.rpm/vpncloud.spec @@ -23,6 +23,7 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root rm -rf %{buildroot} mkdir -p %{buildroot} mkdir -p %{buildroot}/etc/vpncloud +chmod 700 %{buildroot}/etc/vpncloud mkdir -p %{buildroot}/lib/systemd/system mkdir -p %{buildroot}/usr/share/man/man1 cp %{buildroot}/../../../../../assets/example.net.disabled %{buildroot}/etc/vpncloud/example.net.disabled diff --git a/.whitesource b/.whitesource new file mode 100644 index 0000000..55b922e --- /dev/null +++ b/.whitesource @@ -0,0 +1,12 @@ +{ + "scanSettings": { + "baseBranches": [] + }, + "checkRunSettings": { + "vulnerableCheckRunConclusionLevel": "failure", + "displayMode": "diff" + }, + "issueSettings": { + "minSeverityLevel": "LOW" + } +} \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index afbe865..4e63562 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,9 +7,11 @@ This project follows [semantic versioning](http://semver.org). - [added] Added interactive configuration wizard - [added] Support for (un-)installation - [added] Building static binaries +- [added] Building i686 rpm - [changed] Restructured example config - [changed] Changed Rust version to 1.50.0 - [changed] Updated dependencies +- [changed] Change permissions of /etc/vpncloud ### v2.1.0 (2021-02-06) diff --git a/Cargo.lock b/Cargo.lock index 0b3b90a..eecd6f4 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -11,9 +11,9 @@ dependencies = [ [[package]] name = "attohttpc" -version = "0.16.1" +version = "0.16.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ba5b30bf3a0aead269fd5dd69b385a3e90c2b55f4f215d1bdf52c3883f5fa7fa" +checksum = "fdb8867f378f33f78a811a8eb9bf108ad99430d7aad43315dd9319c827ef6247" dependencies = [ "http", "log", @@ -85,9 +85,9 @@ dependencies = [ [[package]] name = "bumpalo" -version = "3.6.0" +version = "3.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "099e596ef14349721d9016f6b80dd3419ea1bf289ab9b44df8e4dfd3a005d5d9" +checksum = "63396b8a4b9de3f4fdfb320ab6080762242f66a8ef174c49d8e19b674db4cdbe" [[package]] name = "byteorder" @@ -112,9 +112,9 @@ dependencies = [ [[package]] name = "cc" -version = "1.0.66" +version = "1.0.67" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c0496836a84f8d0495758516b8621a622beb77c0fed418570e50764093ced48" +checksum = "e3c69b077ad434294d3ce9f1f6143a2a4b89a8a2d54ef813d85003a4fd1137fd" [[package]] name = "cfg-if" @@ -230,27 +230,28 @@ dependencies = [ [[package]] name = "crossbeam-epoch" -version = "0.9.1" +version = "0.9.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a1aaa739f95311c2c7887a76863f500026092fb1dce0161dab577e559ef3569d" +checksum = "d60ab4a8dba064f2fbb5aa270c28da5cf4bbd0e72dae1140a6b0353a779dbe00" dependencies = [ "cfg-if 1.0.0", - "const_fn", "crossbeam-utils", "lazy_static", + "loom", "memoffset", "scopeguard", ] [[package]] name = "crossbeam-utils" -version = "0.8.1" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "02d96d1e189ef58269ebe5b97953da3274d83a93af647c2ddd6f9dab28cedb8d" +checksum = "bae8f328835f8f5a6ceb6a7842a7f2d0c03692adb5c889347235d59194731fe3" dependencies = [ "autocfg", "cfg-if 1.0.0", "lazy_static", + "loom", ] [[package]] @@ -338,14 +339,27 @@ checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" [[package]] name = "form_urlencoded" -version = "1.0.0" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ece68d15c92e84fa4f19d3780f1294e5ca82a78a6d515f1efaabcc144688be00" +checksum = "5fc25a87fa4fd2094bffb06925852034d90a17f0d1e05197d4956d3555752191" dependencies = [ "matches", "percent-encoding", ] +[[package]] +name = "generator" +version = "0.6.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9fed24fd1e18827652b4d55652899a1e9da8e54d91624dc3437a5bc3a9f9a9c" +dependencies = [ + "cc", + "libc", + "log", + "rustversion", + "winapi", +] + [[package]] name = "generic-array" version = "0.14.4" @@ -416,9 +430,9 @@ checksum = "71a816c97c42258aa5834d07590b718b4c9a598944cd39a52dc25b351185d678" [[package]] name = "idna" -version = "0.2.1" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "de910d521f7cc3135c4de8db1cb910e0b5ed1dc6f57c381cd07e8e661ce10094" +checksum = "89829a5d69c23d348314a7ac337fe39173b61149a9864deabd260983aed48c21" dependencies = [ "matches", "unicode-bidi", @@ -525,6 +539,17 @@ dependencies = [ "cfg-if 1.0.0", ] +[[package]] +name = "loom" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d44c73b4636e497b4917eb21c33539efa3816741a2d3ff26c6316f1b529481a4" +dependencies = [ + "cfg-if 1.0.0", + "generator", + "scoped-tls", +] + [[package]] name = "matches" version = "0.1.8" @@ -592,9 +617,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.5.2" +version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "13bd41f508810a131401606d54ac32a467c97172d74ba7662562ebba5ad07fa0" +checksum = "4ad167a2f54e832b82dbe003a046280dceffe5227b5f79e08e363a29638cfddd" [[package]] name = "oorandom" @@ -862,6 +887,12 @@ dependencies = [ "semver", ] +[[package]] +name = "rustversion" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb5d2a036dc6d2d8fd16fde3498b04306e29bd193bf306a57427019b823d5acd" + [[package]] name = "ryu" version = "1.0.5" @@ -877,6 +908,12 @@ dependencies = [ "winapi-util", ] +[[package]] +name = "scoped-tls" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ea6a9290e3c9cf0f18145ef7ffa62d68ee0bf5fcd651017e586dc7fd5da448c2" + [[package]] name = "scopeguard" version = "1.1.0" @@ -1126,18 +1163,18 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.23" +version = "1.0.24" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "76cc616c6abf8c8928e2fdcc0dbfab37175edd8fb49a4641066ad1364fdab146" +checksum = "e0f4a65597094d4483ddaed134f409b2cb7c1beccf25201a9f73c719254fa98e" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.23" +version = "1.0.24" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9be73a2caec27583d0046ef3796c3794f868a5bc813db689eed00c7631275cd1" +checksum = "7765189610d8241a44529806d6fd1f2e0a08734313a35d5b3a556f92b381f3c0" dependencies = [ "proc-macro2", "quote", @@ -1277,9 +1314,9 @@ checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" [[package]] name = "url" -version = "2.2.0" +version = "2.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5909f2b0817350449ed73e8bcd81c8c3c8d9a7a5d8acba4b27db277f1868976e" +checksum = "9ccd964113622c8e9322cfac19eb1004a07e636c545f325da085d5cdde6f1f8b" dependencies = [ "form_urlencoded", "idna", diff --git a/Cargo.toml b/Cargo.toml index b587ed2..473cba7 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -11,6 +11,10 @@ keywords = ["vpn", "p2p", "tun", "tap", "network"] readme = "README.md" edition = "2018" +[package.metadata] +toolchain = "1.50.0" +upx_version = "3.96" + [dependencies] time = "=0.2.22" structopt = "0.3" diff --git a/assets/deb-scripts/postint b/assets/deb-scripts/postint index 58f6d5c..ebd5c67 100755 --- a/assets/deb-scripts/postint +++ b/assets/deb-scripts/postint @@ -1,3 +1,4 @@ #!/bin/bash -systemctl daemon-reload \ No newline at end of file +systemctl daemon-reload +chmod 700 /etc/vpncloud \ No newline at end of file diff --git a/builder/Dockerfile-deb b/builder/Dockerfile-deb index 7eb73d0..ec52ecc 100644 --- a/builder/Dockerfile-deb +++ b/builder/Dockerfile-deb @@ -1,5 +1,8 @@ FROM ubuntu:16.04 +ARG TOOLCHAIN=stable +ARG UPX_VERSION=3.96 + RUN apt-get update \ && apt-get install -y --no-install-recommends \ build-essential \ @@ -11,8 +14,19 @@ RUN apt-get update \ libc6-dev-i386 \ gcc-5-multilib \ asciidoctor \ - musl musl-dev musl-tools \ - && rm -rf /var/cache/dpkg + && apt-get clean && rm -rf /var/lib/apt/lists/* + +ENV RUSTUP_HOME=/opt/rust/rustup \ + PATH=/opt/rust/cargo/bin:/home/user/.cargo/bin:/usr/local/musl/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +RUN curl https://sh.rustup.rs -sSf | env CARGO_HOME=/opt/rust/cargo sh -s -- -y --default-toolchain ${TOOLCHAIN} --profile minimal --no-modify-path + +RUN env CARGO_HOME=/opt/rust/cargo rustup target add i686-unknown-linux-gnu \ + && env CARGO_HOME=/opt/rust/cargo rustup target add armv7-unknown-linux-gnueabihf \ + && env CARGO_HOME=/opt/rust/cargo rustup target add aarch64-unknown-linux-gnu + +RUN env CARGO_HOME=/opt/rust/cargo cargo install cargo-deb \ + && rm -rf /opt/rust/cargo/{git,tmp,registry} RUN ln -s asm-generic/ /usr/include/asm @@ -20,25 +34,8 @@ RUN useradd -ms /bin/bash user USER user WORKDIR /home/user -ENV RUST=1.50.0 - -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain ${RUST} - -ENV PATH=/home/user/.cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin - -RUN rustup target add i686-unknown-linux-gnu \ - && rustup target add armv7-unknown-linux-gnueabihf \ - && rustup target add aarch64-unknown-linux-gnu \ - && rustup target add x86_64-unknown-linux-musl \ - && rustup target add i686-unknown-linux-musl \ - && rustup target add armv7-unknown-linux-musleabihf \ - && rustup target add aarch64-unknown-linux-musl - -RUN cargo install cargo-deb \ - && rm -rf /home/user/.cargo/{git,tmp,registry} - -ENV UPX_VER=3.96 -RUN curl https://github.com/upx/upx/releases/download/v${UPX_VER}/upx-${UPX_VER}-amd64_linux.tar.xz -Lf | tar -xJ --strip-components=1 -C /home/user/.cargo/bin +RUN mkdir -p /home/user/.cargo \ + && ln -s /opt/rust/cargo/config /home/user/.cargo/config VOLUME /home/user/.cargo/tmp VOLUME /home/user/.cargo/git diff --git a/builder/Dockerfile-musl b/builder/Dockerfile-musl new file mode 100644 index 0000000..4c1a769 --- /dev/null +++ b/builder/Dockerfile-musl @@ -0,0 +1,46 @@ +FROM ubuntu:16.04 + +ARG TOOLCHAIN=stable +ARG UPX_VERSION=3.96 + +RUN apt-get update \ + && apt-get install -y --no-install-recommends --no-install-suggests \ + build-essential \ + curl \ + gcc-aarch64-linux-gnu \ + gcc-arm-linux-gnueabihf \ + libc6-dev-arm64-cross \ + libc6-dev-armhf-cross \ + libc6-dev-i386 \ + gcc-5-multilib \ + asciidoctor \ + musl musl-dev musl-tools \ + && apt-get clean && rm -rf /var/lib/apt/lists/* + +ENV RUSTUP_HOME=/opt/rust/rustup \ + PATH=/opt/rust/cargo/bin:/home/user/.cargo/bin:/usr/local/musl/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +RUN curl https://sh.rustup.rs -sSf | env CARGO_HOME=/opt/rust/cargo sh -s -- -y --default-toolchain ${TOOLCHAIN} --profile minimal --no-modify-path + +RUN env CARGO_HOME=/opt/rust/cargo rustup target add x86_64-unknown-linux-musl \ + && env CARGO_HOME=/opt/rust/cargo rustup target add i686-unknown-linux-musl \ + && env CARGO_HOME=/opt/rust/cargo rustup target add armv7-unknown-linux-musleabihf \ + && env CARGO_HOME=/opt/rust/cargo rustup target add aarch64-unknown-linux-musl + +RUN curl https://github.com/upx/upx/releases/download/v${UPX_VERSION}/upx-${UPX_VERSION}-amd64_linux.tar.xz -Lf | tar -xJ --strip-components=1 -C /opt/rust/cargo/bin + +RUN ln -s asm-generic/ /usr/include/asm \ + && ln -s /usr/bin/g++ /usr/bin/musl-g++ \ + && ln -s /usr/bin/aarch64-linux-gnu-gcc /usr/bin/aarch64-linux-musl-gcc \ + && ln -s /usr/bin/arm-linux-gnueabihf-gcc /usr/bin/arm-linux-musleabihf-gcc + +RUN useradd -ms /bin/bash user +USER user +WORKDIR /home/user + +RUN mkdir -p /home/user/.cargo \ + && ln -s /opt/rust/cargo/config /home/user/.cargo/config + +VOLUME /home/user/.cargo/tmp +VOLUME /home/user/.cargo/git +VOLUME /home/user/.cargo/registry \ No newline at end of file diff --git a/builder/Dockerfile-rpm b/builder/Dockerfile-rpm index 5a0d255..d264e04 100644 --- a/builder/Dockerfile-rpm +++ b/builder/Dockerfile-rpm @@ -1,25 +1,32 @@ FROM centos:7 +ARG TOOLCHAIN=stable + RUN yum groupinstall -y 'Development Tools' RUN yum install -y ruby && gem install asciidoctor -v 2.0.10 +ENV RUSTUP_HOME=/opt/rust/rustup \ + PATH=/opt/rust/cargo/bin:/home/user/.cargo/bin:/usr/local/musl/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +RUN curl https://sh.rustup.rs -sSf | env CARGO_HOME=/opt/rust/cargo sh -s -- -y --default-toolchain ${TOOLCHAIN} --profile minimal --no-modify-path + +RUN env CARGO_HOME=/opt/rust/cargo rustup target add i686-unknown-linux-gnu \ + && env CARGO_HOME=/opt/rust/cargo rustup target add armv7-unknown-linux-gnueabihf + +RUN env CARGO_HOME=/opt/rust/cargo cargo install cargo-rpm \ + && rm -rf /opt/rust/cargo/{git,tmp,registry} + +RUN yum install -y libstdc++-*.i686 \ + && yum install -y glibc-*.i686 \ + && yum install -y libgcc.i686 + RUN useradd -ms /bin/bash user USER user WORKDIR /home/user -ENV RUST=1.50.0 - -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain ${RUST} - -ENV PATH=/home/user/.cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin - -RUN rustup target add i686-unknown-linux-gnu \ - && rustup target add armv7-unknown-linux-gnueabihf - -RUN cargo install cargo-rpm \ - && rm -rf /home/user/.cargo/{git,tmp,registry} +RUN mkdir -p /home/user/.cargo \ + && ln -s /opt/rust/cargo/config /home/user/.cargo/config VOLUME /home/user/.cargo/tmp VOLUME /home/user/.cargo/git -VOLUME /home/user/.cargo/registry - +VOLUME /home/user/.cargo/registry \ No newline at end of file diff --git a/builder/build.sh b/builder/build.sh index 548c832..a8515be 100755 --- a/builder/build.sh +++ b/builder/build.sh @@ -12,10 +12,15 @@ function docker_cmd() { vpncloud-builder-$DIST bash -c "$CMD" } +# docker run -it --rm -v $(pwd)/..:/home/user/code -v $(pwd)/cache/rpm/target:/home/user/code/target -v $(pwd)/cache/rpm/registry:/home/user/code/registry -v $(pwd)/cache/rpm/git:/home/user/code/git -v $(pwd)/cache/rpm/tmp:/home/user/code/tmp vpncloud-builder-rpm + set -e cd $(dirname $0) +TOOLCHAIN=$(grep -e '^toolchain =' ../Cargo.toml | sed -e 's/toolchain = "\(.*\)"/\1/') +UPX_VERSION=$(grep -e '^upx_version =' ../Cargo.toml | sed -e 's/upx_version = "\(.*\)"/\1/') + VERSION=$(grep -e '^version =' ../Cargo.toml | sed -e 's/version = "\(.*\)"/\1/') DEB_VERSION=$(echo "$VERSION" | sed -e 's/-/~/g') if echo "$VERSION" | fgrep -q "-"; then @@ -24,12 +29,12 @@ else RPM_VERSION="$VERSION-1" fi -mkdir -p cache/{rpm,deb} +mkdir -p cache/{rpm,deb,musl} CACHE=$(pwd)/cache mkdir -p ../dist -docker build --rm -f=Dockerfile-deb -t vpncloud-builder-deb . +docker build --rm -f=Dockerfile-deb --build-arg TOOLCHAIN=$TOOLCHAIN --build-arg UPX_VERSION=$UPX_VERSION -t vpncloud-builder-deb . # x86_64 deb if ! [ -f ../dist/vpncloud_${DEB_VERSION}_amd64.deb ]; then @@ -51,19 +56,21 @@ build_deb armhf armv7-unknown-linux-gnueabihf build_deb arm64 aarch64-unknown-linux-gnu +docker build --rm -f=Dockerfile-musl -t vpncloud-builder-musl . + build_static() { ARCH=$1 TARGET=$2 if ! [ -f ../dist/vpncloud_${VERSION}_static_${ARCH} ]; then - docker_cmd deb "cd code && cargo build --release --features installer --target ${TARGET} && upx --lzma target/${TARGET}/release/vpncloud" - cp $CACHE/deb/target/${TARGET}/release/vpncloud ../dist/vpncloud_${VERSION}_static_${ARCH} + docker_cmd musl "cd code && cargo build --release --features installer --target ${TARGET} && upx --lzma target/${TARGET}/release/vpncloud" + cp $CACHE/musl/target/${TARGET}/release/vpncloud ../dist/vpncloud_${VERSION}_static_${ARCH} fi } build_static amd64 x86_64-unknown-linux-musl -build_static i386 i686-unknown-linux-gnu +#build_static i386 i686-unknown-linux-musl build_static armhf armv7-unknown-linux-musleabihf -#build_static arm64 aarch64-unknown-linux-musl # fails for unknown reason +build_static arm64 aarch64-unknown-linux-musl docker build --rm -f=Dockerfile-rpm -t vpncloud-builder-rpm . @@ -72,4 +79,18 @@ if ! [ -f ../dist/vpncloud_${RPM_VERSION}.x86_64.rpm ]; then # x86_64 rpm docker_cmd rpm 'cd code && cargo rpm build' cp $CACHE/rpm/target/release/rpmbuild/RPMS/x86_64/vpncloud-${RPM_VERSION}.x86_64.rpm ../dist/vpncloud_${RPM_VERSION}.x86_64.rpm -fi \ No newline at end of file +fi + +build_rpm() { + ARCH=$1 + TARGET=$2 + if ! [ -f ../dist/vpncloud_${RPM_VERSION}.${ARCH}.rpm ]; then + mkdir -p $CACHE/rpm/target + [ -L $CACHE/rpm/target/assets ] || ln -s ../assets $CACHE/rpm/target/assets + [ -L $CACHE/rpm/target/target ] || ln -s ../target $CACHE/rpm/target/target + docker_cmd rpm "cd code && cargo rpm build --target ${TARGET}" + cp $CACHE/rpm/target/${TARGET}/release/rpmbuild/RPMS/${ARCH}/vpncloud-${RPM_VERSION}.${ARCH}.rpm ../dist/vpncloud_${RPM_VERSION}.${ARCH}.rpm + fi +} + +build_rpm i686 i686-unknown-linux-gnu diff --git a/src/installer.rs b/src/installer.rs index 2882a3c..184d025 100644 --- a/src/installer.rs +++ b/src/installer.rs @@ -1,9 +1,10 @@ -use crate::error::Error; +use crate::{error::Error, util::run_cmd}; use std::{ env, fs::{self, File}, io::Write, - os::unix::fs::PermissionsExt + os::unix::fs::PermissionsExt, + process::Command }; const MANPAGE: &[u8] = include_bytes!("../target/vpncloud.1.gz"); @@ -11,6 +12,12 @@ const SERVICE_FILE: &[u8] = include_bytes!("../assets/vpncloud@.service"); const WS_PROXY_SERVICE_FILE: &[u8] = include_bytes!("../assets/vpncloud-wsproxy.service"); const EXAMPLE_CONFIG: &[u8] = include_bytes!("../assets/example.net.disabled"); +fn systemctl_daemon_reload() { + let mut cmd = Command::new("systemctl"); + cmd.arg("daemon-reload"); + run_cmd(cmd); +} + pub fn install() -> Result<(), Error> { env::current_exe() .and_then(|p| fs::copy(p, "/usr/bin/vpncloud")) @@ -18,7 +25,7 @@ pub fn install() -> Result<(), Error> { fs::set_permissions("/usr/bin/vpncloud", fs::Permissions::from_mode(755)) .map_err(|e| Error::FileIo("Failed to set permissions for binary", e))?; fs::create_dir_all("/etc/vpncloud").map_err(|e| Error::FileIo("Failed to create config folder", e))?; - fs::set_permissions("/etc/vpncloud", fs::Permissions::from_mode(600)) + fs::set_permissions("/etc/vpncloud", fs::Permissions::from_mode(700)) .map_err(|e| Error::FileIo("Failed to set permissions for config folder", e))?; File::create("/etc/vpncloud/example.net.disabled") .and_then(|mut f| f.write_all(EXAMPLE_CONFIG)) @@ -32,6 +39,7 @@ pub fn install() -> Result<(), Error> { File::create("/lib/systemd/system/vpncloud-wsproxy.service") .and_then(|mut f| f.write_all(WS_PROXY_SERVICE_FILE)) .map_err(|e| Error::FileIo("Failed to create wsporxy service file", e))?; + systemctl_daemon_reload(); info!("Install successful"); Ok(()) } @@ -44,6 +52,7 @@ pub fn uninstall() -> Result<(), Error> { fs::remove_file("/lib/systemd/system/vpncloud-wsproxy.service") .map_err(|e| Error::FileIo("Failed to remove wsproxy service file", e))?; fs::remove_file("/usr/bin/vpncloud").map_err(|e| Error::FileIo("Failed to remove binary", e))?; + systemctl_daemon_reload(); info!("Uninstall successful"); Ok(()) }