From 445c1cac3c3472d7acb9248e0048850de4521d8c Mon Sep 17 00:00:00 2001 From: Florian Preinstorfer Date: Wed, 4 Sep 2024 15:04:50 +0200 Subject: [PATCH 1/3] Add support for service reload and sync service file * Copy the systemd.service file to the manual linux docs and adjust the path to the headscale binary to match with the previous documentation blocks. Unfortunately, there seems to be no easy way to include a file in mkdocs. * Remove a redundant "deprecation" block. The beginning of the documentation already states that. * Add `ExecReload` to the systemd.service file. Fixes: #2016 --- docs/packaging/headscale.systemd.service | 1 + docs/running-headscale-linux-manual.md | 34 +++--------------------- 2 files changed, 4 insertions(+), 31 deletions(-) diff --git a/docs/packaging/headscale.systemd.service b/docs/packaging/headscale.systemd.service index 14e3161804..37d5f5d37f 100644 --- a/docs/packaging/headscale.systemd.service +++ b/docs/packaging/headscale.systemd.service @@ -9,6 +9,7 @@ Type=simple User=headscale Group=headscale ExecStart=/usr/bin/headscale serve +ExecReload=/usr/bin/kill -HUP $MAINPID Restart=always RestartSec=5 diff --git a/docs/running-headscale-linux-manual.md b/docs/running-headscale-linux-manual.md index 720390d8c4..7802e20e85 100644 --- a/docs/running-headscale-linux-manual.md +++ b/docs/running-headscale-linux-manual.md @@ -111,40 +111,12 @@ tailscale up --login-server --authkey ## Running `headscale` in the background with SystemD -:warning: **Deprecated**: This part is very outdated and you should use the [pre-packaged Headscale for this](./running-headscale-linux.md) - This section demonstrates how to run `headscale` as a service in the background with [SystemD](https://www.freedesktop.org/wiki/Software/systemd/). This should work on most modern Linux distributions. -1. Create a SystemD service configuration at `/etc/systemd/system/headscale.service` containing: - - ```systemd - [Unit] - Description=headscale controller - After=syslog.target - After=network.target - - [Service] - Type=simple - User=headscale - Group=headscale - ExecStart=/usr/local/bin/headscale serve - Restart=always - RestartSec=5 - - # Optional security enhancements - NoNewPrivileges=yes - PrivateTmp=yes - ProtectSystem=strict - ProtectHome=yes - WorkingDirectory=/var/lib/headscale - ReadWritePaths=/var/lib/headscale /var/run/headscale - AmbientCapabilities=CAP_NET_BIND_SERVICE - RuntimeDirectory=headscale - - [Install] - WantedBy=multi-user.target - ``` +1. Copy [headscale's systemd service file](./packaging/headscale.systemd.service) to + `/etc/systemd/system/headscale.service` and adjust it to suit your local setup. The following parameters likely need + to be modified: `ExecStart`, `WorkingDirectory`, `ReadWritePaths`. Note that when running as the headscale user ensure that, either you add your current user to the headscale group: From 7d3a43e512a047a0dea0d4457ab58ed77c3750b4 Mon Sep 17 00:00:00 2001 From: Florian Preinstorfer Date: Thu, 5 Sep 2024 10:57:51 +0200 Subject: [PATCH 2/3] Its called systemd --- docs/running-headscale-linux-manual.md | 10 +++++----- docs/running-headscale-linux.md | 2 +- integration/dns_test.go | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/running-headscale-linux-manual.md b/docs/running-headscale-linux-manual.md index 7802e20e85..b18a6990d7 100644 --- a/docs/running-headscale-linux-manual.md +++ b/docs/running-headscale-linux-manual.md @@ -8,7 +8,7 @@ ## Goal This documentation has the goal of showing a user how-to set up and run `headscale` on Linux. -In additional to the "get up and running section", there is an optional [SystemD section](#running-headscale-in-the-background-with-systemd) +In additional to the "get up and running section", there is an optional [systemd section](#running-headscale-in-the-background-with-systemd) describing how to make `headscale` run properly in a server environment. ## Configure and run `headscale` @@ -66,7 +66,7 @@ describing how to make `headscale` run properly in a server environment. To continue the tutorial, open a new terminal and let it run in the background. Alternatively use terminal emulators like [tmux](https://github.com/tmux/tmux) or [screen](https://www.gnu.org/software/screen/). - To run `headscale` in the background, please follow the steps in the [SystemD section](#running-headscale-in-the-background-with-systemd) before continuing. + To run `headscale` in the background, please follow the steps in the [systemd section](#running-headscale-in-the-background-with-systemd) before continuing. 1. Verify `headscale` is running: Verify `headscale` is available: @@ -109,9 +109,9 @@ This will return a pre-authenticated key that can be used to connect a node to ` tailscale up --login-server --authkey ``` -## Running `headscale` in the background with SystemD +## Running `headscale` in the background with systemd -This section demonstrates how to run `headscale` as a service in the background with [SystemD](https://www.freedesktop.org/wiki/Software/systemd/). +This section demonstrates how to run `headscale` as a service in the background with [systemd](https://www.freedesktop.org/wiki/Software/systemd/). This should work on most modern Linux distributions. 1. Copy [headscale's systemd service file](./packaging/headscale.systemd.service) to @@ -136,7 +136,7 @@ This should work on most modern Linux distributions. unix_socket: /var/run/headscale/headscale.sock ``` -1. Reload SystemD to load the new configuration file: +1. Reload systemd to load the new configuration file: ```shell systemctl daemon-reload diff --git a/docs/running-headscale-linux.md b/docs/running-headscale-linux.md index 4be2e69399..ffa510a6a9 100644 --- a/docs/running-headscale-linux.md +++ b/docs/running-headscale-linux.md @@ -8,7 +8,7 @@ Get Headscale up and running. -This includes running Headscale with SystemD. +This includes running Headscale with systemd. ## Migrating from manual install diff --git a/integration/dns_test.go b/integration/dns_test.go index 60f0519958..f7973300e4 100644 --- a/integration/dns_test.go +++ b/integration/dns_test.go @@ -86,7 +86,7 @@ func TestResolveMagicDNS(t *testing.T) { // All the containers are based on Alpine, meaning Tailscale // will overwrite the resolv.conf file. // On other platform, Tailscale will integrate with a dns manager -// if available (like Systemd-Resolved). +// if available (like systemd-resolved). func TestValidateResolvConf(t *testing.T) { IntegrationSkip(t) From 9337907b60b42e76cc0e39c9b84071e98921c7a2 Mon Sep 17 00:00:00 2001 From: Florian Preinstorfer Date: Thu, 5 Sep 2024 10:58:26 +0200 Subject: [PATCH 3/3] Fix link to systemd homepage --- docs/running-headscale-linux-manual.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/running-headscale-linux-manual.md b/docs/running-headscale-linux-manual.md index b18a6990d7..3a0d91e0b4 100644 --- a/docs/running-headscale-linux-manual.md +++ b/docs/running-headscale-linux-manual.md @@ -111,7 +111,7 @@ tailscale up --login-server --authkey ## Running `headscale` in the background with systemd -This section demonstrates how to run `headscale` as a service in the background with [systemd](https://www.freedesktop.org/wiki/Software/systemd/). +This section demonstrates how to run `headscale` as a service in the background with [systemd](https://systemd.io/). This should work on most modern Linux distributions. 1. Copy [headscale's systemd service file](./packaging/headscale.systemd.service) to