aboutsummaryrefslogtreecommitdiff
path: root/security/tailscale/files/tailscaled.in
blob: f70c8cd71873851337e57a8b0757b50d330ab556 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
#!/bin/sh

# PROVIDE: tailscaled
# REQUIRE: NETWORKING
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# tailscaled_enable (bool):	Set it to YES to enable tailscaled.
#				Default is "NO".
# tailscaled_port (number):	Set the port to listen on for incoming VPN packets.
#				Default is "41641".
# tailscaled_syslog_output_enable (bool):	Set to enable syslog output.
#						Default is "NO". See daemon(8).
# tailscaled_syslog_output_priority (str):	Set syslog priority if syslog enabled.
#						Default is "info". See daemon(8).
# tailscaled_syslog_output_facility (str):	Set syslog facility if syslog enabled.
#						Default is "daemon". See daemon(8).
# tailscaled_exitnode_enable (bool):	Set it to YES to announce tailscaled as
#                                       an exit node. Default is "NO".
# tailscaled_tun_dev (str):	Set the name of the tun interface tailscaled creates.
#				Default is "tailscale0"

. /etc/rc.subr

name=tailscaled
rcvar=tailscaled_enable

load_rc_config $name

: ${tailscaled_enable:="NO"}
: ${tailscaled_port:="41641"}
: ${tailscaled_exitnode_enable:="NO"}
: ${tailscaled_tun_dev:="tailscale0"}

DAEMON=$(/usr/sbin/daemon 2>&1 | grep -q syslog ; echo $?)
if [ ${DAEMON} -eq 0 ]; then
        : ${tailscaled_syslog_output_enable:="NO"}
        : ${tailscaled_syslog_output_priority:="info"}
        : ${tailscaled_syslog_output_facility:="daemon"}
        if checkyesno tailscaled_syslog_output_enable; then
                tailscaled_syslog_output_flags="-t ${name} -T ${name}"

                if [ -n "${tailscaled_syslog_output_priority}" ]; then
                        tailscaled_syslog_output_flags="${tailscaled_syslog_output_flags} -s ${tailscaled_syslog_output_priority}"
                fi

                if [ -n "${tailscaled_syslog_output_facility}" ]; then
                        tailscaled_syslog_output_flags="${tailscaled_syslog_output_flags} -l ${tailscaled_syslog_output_facility}"
                fi
        fi
else
        tailscaled_syslog_output_enable="NO"
        tailscaled_syslog_output_flags=""
fi

pidfile=/var/run/${name}.pid
procname="%%PREFIX%%/bin/${name}"
ctlname="%%PREFIX%%/bin/tailscale"

start_cmd="${name}_start"
start_postcmd="${name}_poststart"
stop_postcmd="${name}_poststop"

tailscaled_start()
{
	# Check for orphaned tailscale network interface
	# And if it exists, then destroy it
	/sbin/ifconfig ${tailscaled_tun_dev} >/dev/null 2>&1 && (
		/sbin/ifconfig ${tailscaled_tun_dev} | fgrep -qw PID ||
		/sbin/ifconfig ${tailscaled_tun_dev} destroy
	)
	env CACHE_DIRECTORY=/var/db/tailscale /usr/sbin/daemon -f ${tailscaled_syslog_output_flags} -p ${pidfile} ${procname} -port ${tailscaled_port} -tun ${tailscaled_tun_dev}
}

tailscaled_poststart()
{
        if checkyesno tailscaled_exitnode_enable; then
		logger -s -t tailscale "Enabling Exit node mode"
                ${ctlname} up --advertise-exit-node
        fi
}

tailscaled_poststop()
{
	/sbin/ifconfig ${tailscaled_tun_dev} >/dev/null 2>&1 && (
		logger -s -t tailscaled "Destroying ${tailscaled_tun_dev} adapter"
		/sbin/ifconfig ${tailscaled_tun_dev} destroy || logger -s -t tailscaled "Failed to destroy ${tailscaled_tun_dev} adapter"
	)
}

run_rc_command "$1"