Merge pull request #70 from guilhem/tailscale

feat: add a tailscale bake
flatcar · May 6, 2024 · 7e91227 · 7e91227
2 parents e855840 + 6d28a88
commit 7e91227
Show file tree

Hide file tree

Showing 2 changed files with 67 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -226,7 +226,7 @@ version: 1.0.0
 storage:
   links:
     - path: /etc/systemd/system/multi-user.target.wants/k3s.service
-      target: /usr/local/lib/systemd/k3s.service
+      target: /usr/local/lib/systemd/system/k3s.service
       overwrite: true
 ```
 
@@ -238,7 +238,7 @@ version: 1.0.0
 storage:
   links:
     - path: /etc/systemd/system/multi-user.target.wants/k3s-agent.service
-      target: /usr/local/lib/systemd/k3s-agent.service
+      target: /usr/local/lib/systemd/system/k3s-agent.service
       overwrite: true
 ```
 
@@ -257,7 +257,7 @@ version: 1.0.0
 storage:
   links:
     - path: /etc/systemd/system/multi-user.target.wants/rke2-server.service
-      target: /usr/local/lib/systemd/rke2-server.service
+      target: /usr/local/lib/systemd/system/rke2-server.service
       overwrite: true
 ```
 
@@ -269,14 +269,29 @@ version: 1.0.0
 storage:
   links:
     - path: /etc/systemd/system/multi-user.target.wants/rke2-agent.service
-      target: /usr/local/lib/systemd/rke2-agent.service
+      target: /usr/local/lib/systemd/system/rke2-agent.service
       overwrite: true
 ```
 
 Of course, any configuration you need should be prepared before starting the
 services, like providing a token for an agent or server to join or creating a
 `config.yaml` file.
 
+#### Tailscale
+
+The Tailscale sysext ships a service unit but doesn't pre-enable it.
+You can use this Butane snippet to enable it:
+
+```
+variant: flatcar
+version: 1.0.0
+storage:
+  links:
+    - path: /etc/systemd/system/multi-user.target.wants/tailscaled.service
+      target: /usr/local/lib/systemd/system/tailscaled.service
+      overwrite: true
+```
+
 ### Creating a custom Docker sysext image
 
 The Docker releases publish static binaries including containerd and the only missing piece are the systemd units.

diff --git a/create_tailscale_sysext.sh b/create_tailscale_sysext.sh
@@ -0,0 +1,48 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+export ARCH="${ARCH-x86-64}"
+SCRIPTFOLDER="$(dirname "$(readlink -f "$0")")"
+
+if [ $# -lt 2 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
+  echo "Usage: $0 VERSION SYSEXTNAME"
+  echo "The script will download tailscale binaries (e.g., for 1.64.0) and create a sysext squashfs image with the name SYSEXTNAME.raw in the current folder."
+  echo "A temporary directory named SYSEXTNAME in the current folder will be created and deleted again."
+  echo "All files in the sysext image will be owned by root."
+  echo "To use arm64 pass 'ARCH=arm64' as environment variable (current value is '${ARCH}')."
+  "${SCRIPTFOLDER}"/bake.sh --help
+  exit 1
+fi
+
+VERSION="$1"
+SYSEXTNAME="$2"
+
+if [ "${ARCH}" = "x86-64" ]; then
+  ARCH="amd64"
+elif [ "${ARCH}" = "aarch64" ]; then
+  ARCH="arm64"
+fi
+
+TARBALL="tailscale_${VERSION}_${ARCH}.tgz"
+URL="https://pkgs.tailscale.com/stable/${TARBALL}"
+
+rm -rf "${SYSEXTNAME}"
+TMP_DIR="${SYSEXTNAME}/tmp"
+mkdir -p "${TMP_DIR}"
+
+curl -o "${TMP_DIR}/${TARBALL}" -fsSL "${URL}"
+
+tar xf "${TMP_DIR}/${TARBALL}" -C "${TMP_DIR}" --strip-components=1
+
+mkdir -p "${SYSEXTNAME}"/usr/local/{bin,sbin,lib/{systemd/system,extension-release.d}}
+
+mv "${TMP_DIR}/tailscale" "${SYSEXTNAME}/usr/local/bin/tailscale"
+mv "${TMP_DIR}/tailscaled" "${SYSEXTNAME}/usr/local/sbin/tailscaled"
+mv "${TMP_DIR}/systemd/tailscaled.service" "${SYSEXTNAME}/usr/local/lib/systemd/system/tailscaled.service"
+
+sed -i 's/--port.*//g' "${SYSEXTNAME}/usr/local/lib/systemd/system/tailscaled.service"
+
+rm -rf "${TMP_DIR}"
+
+RELOAD=1 "${SCRIPTFOLDER}"/bake.sh "${SYSEXTNAME}"
+rm -rf "${SYSEXTNAME}"