Open sidbena opened 1 year ago
EugeneOne1
commented
1 year ago @sidbena, hello. We've updated the installation script and the README.md to support the fetch command. Could you please check it out?
Also, could you please provide some details on the third part? We're ready to make these changes but we'd like to have some documentation to make sure that we're understand what kind of issue we're solving here. Thanks.
sidbena
commented
1 year ago Hello again, I tried running your installation script and got this:
# fetch -o - https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh | sh -s -- -v
- 12 kB 33 MBps 00s
starting AdGuard Home installation script
channel: release
operating system: freebsd
cpu type: amd64
AdGuard Home will be installed into /opt/AdGuardHome
checking tar
script is executed with root privileges
no need to uninstall
downloading package from https://static.adtidy.org/adguardhome/release/AdGuardHome_freebsd_amd64.tar.gz -> AdGuardHome_freebsd_amd64.tar.gz
AdGuardHome_freebsd_amd64.tar.gz 8921 kB 25 MBps 01s
successfully downloaded AdGuardHome_freebsd_amd64.tar.gz
unpacking package from AdGuardHome_freebsd_amd64.tar.gz into /opt
successfully unpacked, contents:
total 3
-rwxrwxrwx 1 root wheel 27090944 Feb 1 14:18 AdGuardHome
-rw-rw-rw- 1 root wheel 587 Feb 1 14:18 AdGuardHome.sig
-rw-r--r-- 1 root wheel 64493 Feb 1 14:18 CHANGELOG.md
-rw-r--r-- 1 root wheel 35149 Feb 1 14:18 LICENSE.txt
-rw-r--r-- 1 root wheel 21202 Feb 1 14:18 README.md
2023/02/12 22:24:48 [info] AdGuard Home, version v0.107.23
2023/02/12 22:24:48 [info] service: control action: install
2023/02/12 22:24:48 [fatal] service: starting: Failed to start AdGuard Home service: exit status 1
installation failed, removing /opt/AdGuardHome
cannot install AdGuardHome as a serviceSo something relating to installing AdGuardHome as a service is failing.
Regarding the third part, I'm referring to the rc script that the service installation is installing, which seems to be this:
#!/bin/sh
# PROVIDE: AdGuardHome
# REQUIRE: networking
# KEYWORD: shutdown
. /etc/rc.subr
name="AdGuardHome"
AdGuardHome_env="IS_DAEMON=1"
AdGuardHome_user="root"
pidfile_child="/var/run/${name}.pid"
pidfile="/var/run/${name}_daemon.pid"
command="/usr/sbin/daemon"
command_args="-P ${pidfile} -p ${pidfile_child} -T ${name} -r /opt/AdGuardHome/AdGuardHome"
run_rc_command "$1"Compare that to the rc script that's installed with the port installer that I linked to and you'll notice that there are a few additional variables and features being usable with that, such as defining a working folder, a config file path and others. When I setup AdGuardHome in a jail I like being able to define a config path that's mounted so that I can easily transfer my config to a new jail should I need to.
EugeneOne1
commented
1 year ago @sidbena, thanks for a thorough report, we're looking into the script. For now, could you please help us a bit more? We'd like to see the output of manual service installation with something like:
sudo ./AdGuardHome -v -s installYou may download the archive with binary file directly from our server, just like the installation script does:
fetch -o ./agh.tar.gz https://static.adtidy.org/adguardhome/release/AdGuardHome_freebsd_amd64.tar.gzThe -v option is important here because to properly troubleshoot the issue, we need a verbose output. If it contains some sensitive information, you may send a redacted version to devteam@adguard.com with this issue number in the subject.
sidbena
commented
1 year ago By the looks of things, that actually went OK.
2023/02/15 22:28:20 [info] AdGuard Home, version v0.107.23
2023/02/15 22:28:20 [info] service: control action: install
2023/02/15 22:28:21 [info] service: started
2023/02/15 22:28:21 [info] Almost ready!
AdGuard Home is successfully installed and will automatically start on boot.
There are a few more things that must be configured before you can use it.
Click on the link below and follow the Installation Wizard steps to finish setup.
AdGuard Home is now available at the following addresses:
2023/02/15 22:28:21 [info] go to http://[::1]:3000
2023/02/15 22:28:21 [info] go to http://[fe80::1%lo0]:3000
2023/02/15 22:28:21 [info] go to http://127.0.0.1:3000
2023/02/15 22:28:21 [info] go to http://192.168.1.6:3000
2023/02/15 22:28:21 [info] service: action install has been done successfully on freebsdDoes something differ in the two ways to install AdGuardHome as a service? I.e. with using the install script and with using the binary itself?
I just tried the script way again (after removing /usr/local/etc/rc.d/AdGuardHome to allow the install to re-create it), and the script failed again, with the same fairly vague error (cannot install ... as a service)
EugeneOne1
commented
1 year ago @sidbena, I see. We've just pushed the fixed script, could you please check the one? We seem to have omitted the necessary privileges from the action of installing the service.
sidbena
commented
1 year ago I tried running the install script again and noticed this line in the output; sh: sudo: not found. A default TrueNAS jail does not contain sudo. Also, if the script is already running in a root context (which you already check with the function here), any spawned process would inherit this and not require sudo, unless I'm mistaken. Getting the path to the currently running shell could be gotten with something like this:
# which $(ps -cp $$ | tail -1 | awk '{print $NF}')
/usr/local/bin/zshTherefor re-running the script could be done with:
cur_shell=$(which $(ps -cp $$ | tail -1 | awk '{print $NF}'))
# and then the code to re-run
{ "$download_func" "$script_url" || echo 'exit 1'; }\
| $cur_shell -s -- -c "$channel" -C "$cpu" -O "$os" -o "$out_dir" "$r" "$u" "$v"but perhaps I'm misinterpreting something, or I've missed something vital you're doing in the process. I think it'd be good to check for sudo if you're gonna use it, even if the script is running as root. Since I haven't checked out the code in its entirety, I'm more than likely missing the reasoning.
xpufx
commented
9 months ago Having the same problem. Looks like the script knows it's running as root, but still tries to run sudo anyway. (I haven't tested with the unreleased commits). Script should not run sudo if it's running as root. It should actually never run sudo , but ask the user to run the script as root. I know why you might refrain from it - internet script piped to shell and everything, but since sudo is needed later, this is not real security anyway.
By the way, is there a way to NOT remove the installed files. Presumably I could fix this install easily just by moving the init script where it's supposed to go, but by the end of a failed run, everything is deleted.
Note that I just pkg installed sudo to have the script complete.
# fetch -vo - https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh | sh -s -- -v
resolving server address: raw.githubusercontent.com:443
SSL options: 82004854
Peer verification enabled
Using OpenSSL default CA cert file and path
Verify hostname
TLSv1.3 connection established using TLS_AES_128_GCM_SHA256
Certificate subject: /C=US/ST=California/L=San Francisco/O=GitHub, Inc./CN=*.github.io
Certificate issuer: /C=US/O=DigiCert Inc/CN=DigiCert TLS RSA SHA256 2020 CA1
requesting https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh
remote size / mtime: 13133 / 0
- 12 kB 4727 kBps 00s
starting AdGuard Home installation script
channel: release
operating system: freebsd
cpu type: amd64
AdGuard Home will be installed into /opt/AdGuardHome
checking tar
script is executed with root privileges
no need to uninstall
downloading package from https://static.adtidy.org/adguardhome/release/AdGuardHome_freebsd_amd64.tar.gz -> AdGuardHome_freebsd_amd64.tar.gz
AdGuardHome_freebsd_amd64.tar.gz 9544 kB 5931 kBps 02s
successfully downloaded AdGuardHome_freebsd_amd64.tar.gz
unpacking package from AdGuardHome_freebsd_amd64.tar.gz into /opt
successfully unpacked, contents:
total 3
-rwxrwxrwx 1 root wheel 28909568 Dec 7 18:00 AdGuardHome
-rw-rw-rw- 1 root wheel 587 Dec 7 18:00 AdGuardHome.sig
-rw-r--r-- 1 root wheel 102866 Dec 7 18:00 CHANGELOG.md
-rw-r--r-- 1 root wheel 35149 Dec 7 18:00 LICENSE.txt
-rw-r--r-- 1 root wheel 21918 Dec 7 18:00 README.md
sh: sudo: not found
installation failed, removing /opt/AdGuardHome
cannot install AdGuardHome as a service
Prerequisites
[x] I have checked the Wiki and Discussions and found no answer
[X] I have searched other issues and found no duplicates
[X] I want to report a bug and not ask a question
Operating system type
FreeBSD
CPU architecture
AMD64
Installation
GitHub releases or script from README
Setup
On one machine
AdGuard Home version
v0.107.22
Description
What did you do?
Tried to install AdGuardHome in my TrueNAS jail with the
curl ... | shscript.Expected result
AdGuardHome installed, possibly with AdGuardHome installed as a service.
Actual result
either curl or wget is required to install AdGuard Home via this scriptScreenshots (if applicable)
Additional information
If I'm not mistaken, TrueNAS jails by default have no
curlorwget, but they do have the nativefetchcommand. I tried to execute the install command (curl -s -S -L https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh | sh -s -- -v) with my jail, but naturally this fails. So I instead changed tofetch(fetch -o - https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh | sh -s -- -v) but the script quickly realizes thatcurlorwgetisn't available and exits.I would like TrueNAS jails to be natively supported, with these changes:
fetchinstead:fetchinstalls on TrueNAS/FreeBSD, and install into%%PREFIX%%/bin/<product_name>.rc.dscript for service installations on TrueNAS/FreeBSD to support RC variables, such asadguard_enable,working_directoryorlog_file, as per https://cgit.freebsd.org/ports/tree/www/adguardhome/files/adguardhome.in. This would also require changing the code in AdGuardHome/internal/home/service.go and possibly other files to accommodate this change.I'm happy to assist with testing on TrueNAS and/or ventilate any questions that might arise. Thanks in advance!