matrix-org / pantalaimon

E2EE aware proxy daemon for matrix clients.
Apache License 2.0
279 stars, 41 forks

How to run pantalaimon always #144

Open mackiexx opened 1 year ago

mackiexx commented 1 year ago

There are no docs on how to set up pantalaimon to run via systemd; it is not possible to leave the console for Linux users. Please help.

mcat-ee commented 1 year ago

Untested, but systemd has a pretty standard template so this should work:

Create the systemd config file (and set permissions):

sudo touch /etc/systemd/system/pantalimon-daemon.service
sudo chmod 664 /etc/systemd/system/pantalimon-daemon.service

Content of the file:

[Unit]
Description=Pantalimon systemd service

[Service]
ExecStart=<point to your pantalimon binary>

[Install]
WantedBy=multi-user.target

Run this to reload your daemon config (so systemctl start pantalimon-daemon, stop, restart, etc. work):

sudo systemctl daemon-reload

Run this to make it start automatically on boot:

sudo systemctl enable pantalimon-daemon

Run this to see the service logs:

journalctl -f -u pantalimon-daemon

mackiexx commented 1 year ago

> Untested, but systemd has a pretty standard template so this should work:
>
> Create the systemd config file (and set permissions):
>
> sudo touch /etc/systemd/system/pantalimon-daemon.service
> sudo chmod 664 /etc/systemd/system/pantalimon-daemon.service
>
> Content of the file:
>
> [Unit]
> Description=Pantalimon systemd service
>
> [Service]
> ExecStart=<point to your pantalimon binary>
>
> [Install]
> WantedBy=multi-user.target
>
> Run this to reload your daemon config (so systemctl start pantalimon-daemon, stop, restart, etc. work):
>
> sudo systemctl daemon-reload
>
> Run this to make it start automatically on boot:
>
> sudo systemctl enable pantalimon-daemon
>
> Run this to see the service logs:
>
> journalctl -f -u pantalimon-daemon

I followed the setup but I am getting this error: "gi.repository.GLib.GError: g-io-error-quark: Cannot autolaunch D-Bus without X11 $DISPLAY (0)".

jeremiah-k commented 1 year ago

I've been meaning to ask if anyone was able to get pantalaimon working with a service file. I've tried several configurations and have only managed to get it to work for about 3 hours max before it crashes. I've tried running it with pm2 as well, with the same result. Here's some logs from when I last tried it.

Oct 17 11:11:08 myvps pantalaimon[3550]: [2022-10-17 16:11:08.526138] INFO: pantalaimon: Trying to decrypt sync
Oct 17 11:11:08 myvps pantalaimon[3550]: [2022-10-17 16:11:08.526349] INFO: pantalaimon: Decrypting sync
Oct 17 11:11:18 myvps pantalaimon[3550]: [2022-10-17 16:11:18.568507] INFO: pantalaimon: Trying to decrypt sync
Oct 17 11:11:18 myvps pantalaimon[3550]: [2022-10-17 16:11:18.568886] INFO: pantalaimon: Decrypting sync
Oct 17 11:11:20 myvps pantalaimon[3550]: [2022-10-17 16:11:20.342103] INFO: pantalaimon: Trying to decrypt sync
Oct 17 11:11:20 myvps pantalaimon[3550]: [2022-10-17 16:11:20.342278] INFO: pantalaimon: Decrypting sync
Oct 17 11:11:22 myvps systemd[1833]: Stopping Pantalaimon...
Oct 17 11:11:22 myvps systemd[1833]: pantalaimon.service: Main process exited, code=exited, status=1/FAILURE
Oct 17 11:11:22 myvps systemd[1833]: pantalaimon.service: Failed with result 'exit-code'.
Oct 17 11:11:22 myvps systemd[1833]: Stopped Pantalaimon.

and

Oct 17 16:00:38 myvps pantalaimon[60660]: [2022-10-17 21:00:38.976889] INFO: pantalaimon: Decrypting sync
Oct 17 16:00:39 myvps pantalaimon[60660]: [2022-10-17 21:00:39.068572] INFO: pantalaimon: Trying to decrypt sync
Oct 17 16:00:39 myvps pantalaimon[60660]: [2022-10-17 21:00:39.068748] INFO: pantalaimon: Decrypting sync
Oct 17 16:00:42 myvps pantalaimon[60660]: [2022-10-17 21:00:42.372092] INFO: pantalaimon: Trying to decrypt sync
Oct 17 16:00:42 myvps pantalaimon[60660]: [2022-10-17 21:00:42.372265] INFO: pantalaimon: Decrypting sync
Oct 17 16:00:46 myvps systemd[57693]: Stopped target Main User Target.
-- Subject: A stop job for unit UNIT has finished
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- A stop job for unit UNIT has finished.
-- The job identifier is 56 and the job result is done.
Oct 17 16:00:46 myvps systemd[57693]: Stopping D-Bus User Message Bus...
-- Subject: A stop job for unit UNIT has begun execution
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- A stop job for unit UNIT has begun execution.
-- The job identifier is 52.
Oct 17 16:00:46 myvps systemd[57693]: Stopping Pantalaimon...
-- Subject: A stop job for unit UNIT has begun execution
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- A stop job for unit UNIT has begun execution.
-- The job identifier is 57.
Oct 17 16:00:46 myvps systemd[57693]: dbus.service: Succeeded.
-- Subject: Unit succeeded
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- The unit UNIT has successfully entered the 'dead' state.
Oct 17 16:00:46 myvps systemd[57693]: Stopped D-Bus User Message Bus.
-- Subject: A stop job for unit UNIT has finished
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- A stop job for unit UNIT has finished.
-- The job identifier is 52 and the job result is done.
Oct 17 16:00:46 myvps systemd[57693]: pantalaimon.service: Main process exited, code=exited, status=1/FAILURE
-- Subject: Unit process exited
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- An ExecStart= process belonging to unit UNIT has exited.
-- The process' exit code is 'exited' and its exit status is 1.
Oct 17 16:00:46 myvps systemd[57693]: pantalaimon.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- The unit UNIT has entered the 'failed' state with result 'exit-code'.

I've ended up running it as a command inside of tmux after each reboot and it runs endlessly without a problem. I don't know what the difference is, but if anyone is running it successfully inside a systemd .service file I'd be interested in seeing the contents of it. Or if anyone knows of any tricks to get it to run properly, I'd be interested in hearing them. Thanks.

Edit:

This is the last --user pantalaimon.service file I tried using before sticking with tmux.

[Unit]
Description=Pantalaimon
After=syslog.target
After=network.target
Requires=dbus.socket

[Service]
Type=simple

WorkingDirectory=/home/jeremiah/.local/bin/
#ExecStartPre=/bin/sleep 60
ExecStart=/home/jeremiah/.local/bin/pantalaimon --log-level debug

Restart=always
RestartSec=15

[Install]
WantedBy=multi-user.target

Also, I can open a new issue if necessary, but this is exactly what I've been trying to figure out and some steps I've taken to try to get it to work.
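
Added example, not part of the thread or the project's own files: the second log above shows the user manager itself going down (`Stopped target Main User Target`, `Stopping D-Bus User Message Bus`) before pantalaimon exits, which is what systemd does when a user's last login session ends and lingering is not enabled. The script installs a user unit tied to `default.target` and enables lingering; the unit name, script name and binary path are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumptions: the unit name and the
# binary path passed to "install" are placeholders for your own setup.
UNIT_NAME=pantalaimon.service

# Print a per-user unit for the given pantalaimon binary path.
render_unit() {
    cat <<EOF
[Unit]
Description=Pantalaimon E2EE proxy (user service)
# The D-Bus UI used by panctl lives on the per-user session bus.
Requires=dbus.socket
After=dbus.socket

[Service]
ExecStart=$1
Restart=on-failure
RestartSec=15
NoNewPrivileges=yes

[Install]
# A user manager has no multi-user.target; default.target is what it starts.
WantedBy=default.target
EOF
}

# Install the unit for the current user and keep the user manager (and its
# D-Bus session bus) running when no login session is open.
install_user_service() {
    unit_dir="${XDG_CONFIG_HOME:-$HOME/.config}/systemd/user"
    mkdir -p "$unit_dir"
    render_unit "$1" > "$unit_dir/$UNIT_NAME"
    chmod 644 "$unit_dir/$UNIT_NAME"
    # May ask for authorization; an admin can run it for the user instead.
    loginctl enable-linger "$(id -un)"
    systemctl --user daemon-reload
    systemctl --user enable --now "$UNIT_NAME"
}

# Usage: sh pantalaimon-user-service.sh install "$HOME/.local/bin/pantalaimon"
if [ "${1:-}" = "install" ]; then
    install_user_service "${2:?path to the pantalaimon binary}"
fi
```

Follow the service afterwards with `journalctl --user-unit pantalaimon.service -f`.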

WurdahMekanik commented 1 year ago

> Untested, but systemd has a pretty standard template so this should work:
>
> Create the systemd config file (and set permissions):
>
> sudo touch /etc/systemd/system/pantalimon-daemon.service
> sudo chmod 664 /etc/systemd/system/pantalimon-daemon.service
>
> Content of the file:
>
> [Unit]
> Description=Pantalimon systemd service
>
> [Service]
> ExecStart=<point to your pantalimon binary>
>
> [Install]
> WantedBy=multi-user.target
>
> Run this to reload your daemon config (so systemctl start pantalimon-daemon, stop, restart, etc. work):
>
> sudo systemctl daemon-reload
>
> Run this to make it start automatically on boot:
>
> sudo systemctl enable pantalimon-daemon
>
> Run this to see the service logs:
>
> journalctl -f -u pantalimon-daemon

I was able to get this to work*, but I manually edited pantalaimon/ui.py to set UI_ENABLED = False

*Unfortunately, this also prevents panctl from working, which seems to be the only way of verifying a device. I'm not super familiar with dbus, but it seems like something needs to be done about setting up a dbus session when running as a system service.

It's kind of ridiculous how a major use-case for this package (Mjolnir) is set up to run as a system service, but will always fail to start on boot if configured to log in via pantalaimon because this package is set up to run as a user service.

Duchadian commented 1 year ago

Posting my setup here in the odd case it might help someone. I've got a setup that starts a Docker container via systemd:

[Unit]
Description=Matrix TLS Proxy
Requires=docker.service
After=docker.service
DefaultDependencies=no

[Service]
Type=simple
Environment="HOME=/root"
ExecStartPre=-/usr/bin/env sh -c '/usr/bin/env docker kill pantalaimon 2>/dev/null'
ExecStartPre=-/usr/bin/env sh -c '/usr/bin/env docker rm pantalaimon 2>/dev/null'

ExecStart=/usr/bin/env docker run --rm --name pantalaimon \
                        --log-driver=none \
                        -p 0.0.0.0:18080:8008 \
                        --mount type=bind,src=/pantalaimon,dst=/data \
                        pantalaimon:latest

ExecStop=-/usr/bin/env sh -c '/usr/bin/env docker kill pantalaimon 2>/dev/null'
ExecStop=-/usr/bin/env sh -c '/usr/bin/env docker rm pantalaimon 2>/dev/null'
Restart=always
RestartSec=10
SyslogIdentifier=pantalaimon

[Install]
WantedBy=multi-user.target

The service mounts the /pantalaimon path in the container. /pantalaimon contains the pantalaimon.conf file, which in my case looks like this:

[Default]
LogLevel = Debug
SSL = True

[local-matrix]
Homeserver = https://matrix.example.com
ListenAddress = 0.0.0.0
ListenPort = 8008
SSL = False
UseKeyring = False
IgnoreVerification = True

However, this doesn't result in a working panctl. Logs are only available via journalctl, though this can be set to output to the docker container logs by removing the SyslogIdentifier and --log-driver=none lines.
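
Added example, not part of the thread or the project: a small audit of a `pantalaimon.conf` like the one above, reporting settings that loosen the proxy's guarantees. The function name `audit_conf` is hypothetical, and the option meanings are assumed from pantalaimon's configuration documentation.

```shell
#!/bin/sh
# Added example, not from the thread. Option meanings are assumed from
# pantalaimon's configuration documentation.

# Print one "section: finding" line per risky setting in the given file.
# Values set in a proxy section override those in [Default].
audit_conf() {
    awk '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    function get(s, k) { return ((s, k) in val) ? val[s, k] : def[k] }
    /^[ \t]*\[.*\][ \t]*$/ {
        sec = trim($0); gsub(/^\[|\]$/, "", sec)
        if (tolower(sec) != "default") order[++n] = sec
        next
    }
    /^[ \t]*[#;]/ || !/=/ { next }
    {
        k = tolower(trim(substr($0, 1, index($0, "=") - 1)))
        v = tolower(trim(substr($0, index($0, "=") + 1)))
        if (tolower(sec) == "default") def[k] = v; else val[sec, k] = v
    }
    END {
        for (i = 1; i <= n; i++) {
            s = order[i]
            if (get(s, "listenaddress") == "0.0.0.0")
                print s ": ListenAddress=0.0.0.0 exposes the proxy on every interface"
            if (get(s, "ssl") ~ /^(false|no|off|0)$/)
                print s ": SSL=False turns off certificate verification towards the homeserver"
            if (get(s, "ignoreverification") ~ /^(true|yes|on|1)$/)
                print s ": IgnoreVerification=True shares room keys with unverified devices"
        }
    }' "$1"
}

# Usage: sh audit-pantalaimon.sh /pantalaimon/pantalaimon.conf
if [ -n "${1:-}" ]; then
    audit_conf "$1"
fi
```

Inside a container `ListenAddress = 0.0.0.0` is needed for port publishing to work, so there the host-side address decides who can reach the proxy: publishing with `-p 127.0.0.1:18080:8008` instead of `-p 0.0.0.0:18080:8008` keeps it on loopback.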