Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add systemd services (resolves #36, resolves #508) #694

Open
wants to merge 9 commits into
base: master
Choose a base branch
from
9 changes: 9 additions & 0 deletions CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -419,6 +419,15 @@ endif()
#
if (${CMAKE_SYSTEM_NAME} MATCHES "Linux")
configure_files (${CMAKE_CURRENT_SOURCE_DIR}/dist/rpm ${CMAKE_BINARY_DIR}/rpm)
if (DEFINED ENV{SNAPCRAFT_PART_BUILD})
set (SYSTEMD_EXEC_PATH_PREFIX "/snap/bin/barrier.")
else()
set (SYSTEMD_EXEC_PATH_PREFIX "/usr/bin/")
endif()
configure_files (${CMAKE_CURRENT_SOURCE_DIR}/dist/systemd ${CMAKE_BINARY_DIR}/systemd)
install(FILES ${CMAKE_BINARY_DIR}/systemd/[email protected] DESTINATION lib/systemd/system)
install(FILES ${CMAKE_BINARY_DIR}/systemd/[email protected] DESTINATION lib/systemd/system)
install(FILES ${CMAKE_BINARY_DIR}/systemd/barriers.service DESTINATION lib/systemd/system)
install(FILES res/barrier.svg DESTINATION share/icons/hicolor/scalable/apps)
if("${VERSION_MAJOR}" STREQUAL "2")
install(FILES res/barrier2.desktop DESTINATION share/applications)
Expand Down
59 changes: 59 additions & 0 deletions dist/systemd/[email protected]
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
# Barrier Client service barrierc-@BARRIER_VERSION@
#
# This file is part of Barrier.
#
# This is a systemd template service for the barrierc client service. Instances
# are started using @<hostname>. For example:
#
# Starting:
# systemctl start barrierc@myserver
# or:
# systemctl start barrierc@myserver:24800
#
# Enabling:
# systemctl enable barrierc@myserver
#
# SSL Fingerprints are stored in /var/lib/barrier@<hostname> for each client
# instance.

[Unit]
Description=Barrier Client connected to %I (Open-source KVM software)
Documentation=man:barrierc(1) man:barriers(1)
Documentation=https://github.com/debauchee/barrier/wiki
# Require network before starting barrierc
After=network-online.target
Wants=network-online.target
# Don't run client if server is running
Conflicts=barriers.service

[Service]
Type=simple
# Log level may be FATAL, ERROR, WARNING, NOTE, INFO, DEBUG, DEBUG1, DEBUG2
Environment=LOG_LEVEL=INFO
# Default display is :0
Environment=DISPLAY=:0
# Store fingerprints in instance specific directories
Environment=XDG_DATA_HOME=/var/lib/barrier/barrier@%i
# TrustedServers.txt Directory
Environment=FP_DIR=/var/lib/barrier/barrier@%i/barrier/SSL/Fingerprints
# Ensure the Fingerprints directory exists
StateDirectory=barrier/barrier@%i/barrier/SSL/Fingerprints

# This uses openssl commands and grep to get the server's key and
# store it in the TrustedServers.txt file. OpenSSL is a requirement
# for barrier on Linux so these commands should exist. This will only
# work if using the default 24800 port (since the port number must be
# specified for openssl)
ExecStartPre=/usr/bin/sh -c "[ -f "${FP_DIR}/TrustedServers.txt" ] ||\
openssl s_client -connect %i:24800 2>/dev/null |\
openssl x509 -noout -sha1 -fingerprint |\
grep -oE '([A-Z0-9]{2}:?){20}' > ${FP_DIR}/TrustedServers.txt"
simons-public marked this conversation as resolved.
Show resolved Hide resolved

# Main executable
ExecStart=@SYSTEMD_EXEC_PATH_PREFIX@barrierc --enable-crypto --display ${DISPLAY} --debug ${LOG_LEVEL} --no-daemon %i
# Restart on fail
Restart=always

[Install]
# Install to graphical target
WantedBy=graphical.target
41 changes: 41 additions & 0 deletions dist/systemd/barriers.service.in
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
# Barrier Server service barriers-@BARRIER_VERSION@
#
# This file is part of Barrier.
#
# This systemd service starts barrier on the default port 24800.
#
# SSL data is stored in /var/lib/barrier:24800/barrier/SSL

[Unit]
Description=Barrier Server listening on 24800 (Open-source KVM software)
Documentation=man:barriers(1) man:barrierc(1)
Documentation=https://github.com/debauchee/barrier/wiki
# Require network before starting barrierc
After=network-online.target
Wants=network-online.target
# Don't run server if client or another instance is running
[email protected] [email protected]

[Service]
Type=simple
# Log level may be FATAL, ERROR, WARNING, NOTE, INFO, DEBUG, DEBUG1, DEBUG2
Environment=LOG_LEVEL=INFO
# Default display is :0
Environment=DISPLAY=:0
# Store SSL data in instance specific directories
Environment=XDG_DATA_HOME=/var/lib/barrier/barrier:24800
# SSL data directory
Environment=CERT_DIR=/var/lib/barrier/barrier:24800/barrier/SSL
# Ensure the SSL directory exists
StateDirectory=barrier/barrier:24800/barrier/SSL
# Create the Barrier.pem certificate if it doesn't exist
ExecStartPre=/usr/bin/sh -c "[ -f ${CERT_DIR}/Barrier.pem ] || openssl req -x509 -nodes -days 365 -subj '/CN=Barrier' -newkey rsa:2048 -text -keyout ${CERT_DIR}/Barrier.pem -out ${CERT_DIR}/Barrier.pem"

# Main executable
ExecStart=@SYSTEMD_EXEC_PATH_PREFIX@barriers --enable-crypto --display ${DISPLAY} --debug ${LOG_LEVEL} --config /etc/barrier.conf --no-daemon --address :24800
# Restart on fail
Restart=always

[Install]
# Install to graphical target
WantedBy=graphical.target
54 changes: 54 additions & 0 deletions dist/systemd/[email protected]
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
# Barrier Server service barriers-@BARRIER_VERSION@
#
# This file is part of Barrier.
#
# This is a systemd template service for running the barriers server using a
# specific port or IP. Instances are started using @[ip]:<port>. For example:
#
# Starting:
# systemctl start [email protected]:24800
# or:
# systemctl start barriers@:24800
#
# Enabling:
# systemctl enable [email protected]:24800
#
# SSL data is stored in /var/lib/barrier/barrier<instance>/barrier/SSL for each
# instance.

[Unit]
Description=Barrier Server listening on %I (Open-source KVM software)
Documentation=man:barriers(1) man:barrierc(1)
Documentation=https://github.com/debauchee/barrier/wiki
# Require network before starting barrierc
After=network-online.target
Wants=network-online.target
# Don't run server if client or another server is running
[email protected] barriers.service
# Sanity check that /var/lib exists
ConditionPathExists=/var/lib

[Service]
Type=simple
# Log level may be FATAL, ERROR, WARNING, NOTE, INFO, DEBUG, DEBUG1, DEBUG2
Environment=LOG_LEVEL=INFO
# Default display is :0
Environment=DISPLAY=:0
# Store SSL data in instance specific directories
Environment=XDG_DATA_HOME=/var/lib/barrier/barrier%i
# SSL data directory
Environment=CERT_DIR=/var/lib/barrier/barrier%i/barrier/SSL
# Ensure the SSL directory exists
StateDirectory=barrier/barrier%i/barrier/SSL
# Create the Barrier.pem certificate if it doesn't exist
ExecStartPre=/usr/bin/sh -c "[ -f ${CERT_DIR}/Barrier.pem ] || openssl req -x509 -nodes -days 365 -subj '/CN=Barrier' -newkey rsa:2048 -text -keyout ${CERT_DIR}/Barrier.pem -out ${CERT_DIR}/Barrier.pem"

# Main executable
ExecStart=@SYSTEMD_EXEC_PATH_PREFIX@barriers --enable-crypto --display ${DISPLAY} --debug ${LOG_LEVEL} --config /etc/barrier.conf --no-daemon --address %i
# Restart on fail
Restart=always

[Install]
# Install to graphical target
WantedBy=graphical.target
DefaultInstance=:24800