Neil Alexander
f0a5cd542c
Build MSIs for Windows using CircleCI ( #766 )
...
* Try to build MSIs from CircleCI using wixl/msitools
* Upload msis
* Change condition
* Update Platform
* Update Platform
* Don't build ARM, it's apparently not well supported
* Don't build ARM, it's apparently not well supported
* Remove appveyor config
* Update comments
* newline
2021-03-07 14:03:34 +00:00
rany
5b326d8bb8
Update generate.sh ( #736 )
...
The AppArmor profile in contrib forbids `/usr/bin/yggdrasil` from reading the file in `/var/backups/yggdrasil.conf...`. This works around that restriction by having the shell do the reading of `/var/backups/yggdrasil.conf...` file while providing the same exact functionality without making the AppArmor profile less restrictive.
Another change is the safe perms for the `/etc/yggdrasil.conf` (so that config will have 0640 permissions). This is important because if we kept the default of 644 then any user (privileged or unprivileged) will have the ability to read the yggdrasil private key. We use a restrictive umask of 0027 to make this possible.
2020-12-06 20:52:54 +00:00
rany
709ea6976c
apparmor: allow yggdrasil to resolve hostnames ( #739 )
...
The apparmor profile in it's current state won't allow resolving hostnames. We need `<abstractions/nameservice>` because we simply can't just allow `/etc/resolv.conf`. This is because systemd-resolved, resolvconf, and others rely on symbolic links to `/etc/resolv.conf` which would make this extremely complicated. `<abstractions/nameservice>` deals with this complexity to allow every single one of those packages (systemd-resolved, resolvconf, ... ).
```
network inet stream,
network inet dgram,
network inet6 dgram,
network inet6 stream,
network netlink raw,
```
was removed because it's already included in `<abstractions/nameservice>`. Some permissions that are no longer needed in newer yggdrasil versions were also removed.
`owner /sys/kernel/mm/transparent_hugepage/hpage_pmd_size r,` was changed to `/sys/kernel/mm/transparent_hugepage/hpage_pmd_size r,` because there is no guarantee that yggdrasil will always be run as root. (`owner` makes sure that the process's user and the file have the same owner, in that case, root. This might not always be the case so `owner` was removed)
2020-12-06 20:52:10 +00:00
Neil Alexander
1492738c9e
golangci-lint in CI ( #733 )
...
* golangci-lint in CI
* Put CI in own job
* Run verify job
* Use go get
* Fix typo
* Name lint instead of verify
* Read the config
* Use debug tag
* Tweaks
2020-09-27 14:28:25 +01:00
Arceliar
7a314afb31
check if an error was returned by Core._init and return it if so
2020-03-31 18:14:20 -05:00
Neil Alexander
e7228c7ae4
Merge pull request #666 from jcgruenhage/ansible-genkeys-progress-bar
...
add a progress bar to the ansible key generator
2020-03-25 20:55:15 +00:00
Jan Christian Grünhage
30bfa04c47
add a progress bar to the ansible key generator
2020-03-23 23:26:41 +01:00
Rany
c1816ae86f
Update usr.bin.yggdrasil
2020-03-10 16:47:41 +02:00
Neil Alexander
d160eccab0
Hopefully really actually fix it this time
2020-02-21 19:32:36 +00:00
Neil Alexander
7d590e31b0
Include yggdrasil-default-config.service
2020-02-21 19:14:40 +00:00
William Fleurant
a2adcbd7e4
docker: build and copy genkeys
2020-01-05 15:26:08 -05:00
Neil Alexander
4b16c325a3
Merge pull request #607 from Arano-kai/feature/systemd_modular_unit
...
Systemd: move config generation to a separate unit
2019-12-10 12:02:46 +00:00
Neil Alexander
1a1e32c411
Fix syntax error in build-msi.sh
2019-12-10 11:40:16 +00:00
Neil Alexander
4762edc2b3
Package display name
2019-12-10 11:38:58 +00:00
Neil Alexander
6f927b0613
Reverse upgrade condition
2019-12-10 11:33:52 +00:00
Neil Alexander
3e388cd7f9
Try to avoid breaking Wintun during upgrades
2019-12-10 11:27:49 +00:00
Neil Alexander
152f5838f8
Update metadata
2019-12-10 11:17:15 +00:00
Neil Alexander
1d41199501
Move Wintun to separate feature
2019-12-10 10:55:20 +00:00
Neil Alexander
bf5d5b2269
Rename service from 'yggdrasil' to 'Yggdrasil'
2019-12-04 09:29:30 +00:00
Neil Alexander
16e55992b6
Move yggdrasil.conf to ALLUSERSPROFILE
2019-11-29 11:06:08 +00:00
Neil Alexander
c17c4af26d
Don't normalise on upgrade
2019-11-28 13:08:56 +00:00
Neil Alexander
3f29a2ff05
Some comments
2019-11-28 13:00:52 +00:00
Neil Alexander
3734a73d6f
Don't impersonate user for updateconfig.bat
2019-11-28 11:16:36 +00:00
Neil Alexander
42d4a51765
Set output logging
2019-11-28 10:56:22 +00:00
Neil Alexander
724446bb04
Defer updateconfig
2019-11-28 10:42:57 +00:00
Neil Alexander
e64d661ab0
Fix update action
2019-11-28 10:19:47 +00:00
Neil Alexander
a673625e82
Configure service with -useconffile
2019-11-28 10:08:01 +00:00
Neil Alexander
b88a623a9f
Handle pull request branch
2019-11-28 09:56:14 +00:00
Neil Alexander
41a2e731eb
More MSI updates ( #622 )
...
* Try embedding config script
* Update config when installing
* Don't update config on uninstall
2019-11-28 09:52:14 +00:00
Neil Alexander
e1b0d0f20c
Appveyor MSI builds for Windows ( #621 )
...
* Try appveyor for MSI (not finished)
* build-msi.sh
* Don't shallow clone
* Don't set clone depth
* Build Yggdrasil for each arch
* Try to get rest of branches
* Allow upgrades (hopefully)
* Try using MajorUpgrade
* AllowDowngrades
* Try harder to build x86 :-)
* Bugfix
* Bugfix
* AllowSameVersionUpgrades
* AllowSameVersionUpgrades
* Generate new GUID for each build (might fix upgrades)
2019-11-28 00:35:29 +00:00
Arceliar
38c54efd73
Update yggdrasil.service
2019-11-24 22:54:30 -06:00
Arano-kai
7068160b20
Systemd: move config generation to a separate unit
...
- Modular unit composition: different tasks in separate units
- Use systemd tool set to run checks
- Avoid using inline shell in unit
2019-11-14 16:52:04 +02:00
Arano-kai
74d824302b
FIX: Systemd: typo in directive
2019-10-29 16:36:03 +02:00
Neil Alexander
b0bcf29d27
Allow ExecStartPre to fail for containers ( #573 )
2019-10-23 11:15:57 +01:00
Arano-kai
045a24d74e
Systemd: tun module and capabilities
...
- Enable (and limit to) capabilities that require to setup tun/tap interface.
- Ensure that tun module is active.
2019-10-02 00:36:33 +03:00
Neil Alexander
6ead31fb87
Remove RPM spec from contrib as it is now in yggdrasil-network/yggdrasil-package-rpm
2019-09-27 09:44:55 +01:00
Neil Alexander
d6ee20580d
Set TimeoutStopSec for systemd service
2019-09-27 09:37:34 +01:00
Neil Alexander
d44a7faa04
semver: Don't return failure codes when git history is not present
2019-09-18 20:09:53 +01:00
Neil Alexander
5b09b45572
Merge pull request #416 from fifteenthcommotion/yggdrasil-brute-simple
...
contribute decently fast yggdrasil address generator in C
2019-05-18 12:28:49 +01:00
fifteenthcommotion
080052ce04
remove ygg-brute gitignore
2019-05-18 04:25:57 -07:00
fifteenthcommotion
5bed78c7a7
add CC0 for good measure
2019-05-12 12:40:45 -07:00
fifteenthcommotion
db85a11194
unlicense and spacing perfectionism
2019-05-12 02:18:03 -07:00
fifteenthcommotion
5a3c730097
contribute decently fast yggdrasil address generator in C
2019-05-11 16:31:46 -07:00
Colin Reeder
2465ad0384
Add armel to PKGARCH usage list
2019-04-07 16:14:58 -06:00
Colin Reeder
b5e3b05e77
Add armel support to deb script
2019-04-07 13:07:26 -06:00
Viktor Villainov
f5c6c191ea
AppArmor: multiarch support and allow datagram transports
2019-03-09 22:34:26 -05:00
Viktor Villainov
00ad8e594e
Add AppArmor profile
2019-03-09 08:15:14 -05:00
William Wennerström
f4ccbe6c94
contrib/busybox-init: add reload and use -useconffile
...
+ Added reload command.
+ Use -useconffile instead, as it's required for reloading.
2019-03-06 11:30:49 +01:00
William Wennerström
76dd1f6345
contrib/openrc: I like symmetry
2019-03-05 22:27:51 +01:00
William Wennerström
1097c1c0c9
contrib/openrc: add reload command
2019-03-05 20:50:24 +01:00