diff --git a/CMakeLists.txt b/CMakeLists.txt index 6a377c0442c..e4247d16f7d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -419,6 +419,15 @@ endif() # if (${CMAKE_SYSTEM_NAME} MATCHES "Linux") configure_files (${CMAKE_CURRENT_SOURCE_DIR}/dist/rpm ${CMAKE_BINARY_DIR}/rpm) + if (DEFINED ENV{SNAPCRAFT_PART_BUILD}) + set (SYSTEMD_EXEC_PATH_PREFIX "/snap/bin/barrier.") + else() + set (SYSTEMD_EXEC_PATH_PREFIX "/usr/bin/") + endif() + configure_files (${CMAKE_CURRENT_SOURCE_DIR}/dist/systemd ${CMAKE_BINARY_DIR}/systemd) + install(FILES ${CMAKE_BINARY_DIR}/systemd/barrierc@.service DESTINATION lib/systemd/system) + install(FILES ${CMAKE_BINARY_DIR}/systemd/barriers@.service DESTINATION lib/systemd/system) + install(FILES ${CMAKE_BINARY_DIR}/systemd/barriers.service DESTINATION lib/systemd/system) install(FILES res/barrier.svg DESTINATION share/icons/hicolor/scalable/apps) if("${VERSION_MAJOR}" STREQUAL "2") install(FILES res/barrier2.desktop DESTINATION share/applications) diff --git a/dist/systemd/barrierc@.service.in b/dist/systemd/barrierc@.service.in new file mode 100644 index 00000000000..60dfcc9c4c3 --- /dev/null +++ b/dist/systemd/barrierc@.service.in @@ -0,0 +1,59 @@ +# Barrier Client service barrierc-@BARRIER_VERSION@ +# +# This file is part of Barrier. +# +# This is a systemd template service for the barrierc client service. Instances +# are started using @. For example: +# +# Starting: +# systemctl start barrierc@myserver +# or: +# systemctl start barrierc@myserver:24800 +# +# Enabling: +# systemctl enable barrierc@myserver +# +# SSL Fingerprints are stored in /var/lib/barrier@ for each client +# instance. + +[Unit] +Description=Barrier Client connected to %I (Open-source KVM software) +Documentation=man:barrierc(1) man:barriers(1) +Documentation=https://github.com/debauchee/barrier/wiki +# Require network before starting barrierc +After=network-online.target +Wants=network-online.target +# Don't run client if server is running +Conflicts=barriers.service + +[Service] +Type=simple +# Log level may be FATAL, ERROR, WARNING, NOTE, INFO, DEBUG, DEBUG1, DEBUG2 +Environment=LOG_LEVEL=INFO +# Default display is :0 +Environment=DISPLAY=:0 +# Store fingerprints in instance specific directories +Environment=XDG_DATA_HOME=/var/lib/barrier/barrier@%i +# TrustedServers.txt Directory +Environment=FP_DIR=/var/lib/barrier/barrier@%i/barrier/SSL/Fingerprints +# Ensure the Fingerprints directory exists +StateDirectory=barrier/barrier@%i/barrier/SSL/Fingerprints + +# This uses openssl commands and grep to get the server's key and +# store it in the TrustedServers.txt file. OpenSSL is a requirement +# for barrier on Linux so these commands should exist. This will only +# work if using the default 24800 port (since the port number must be +# specified for openssl) +ExecStartPre=/usr/bin/sh -c "[ -f "${FP_DIR}/TrustedServers.txt" ] ||\ +openssl s_client -connect %i:24800 2>/dev/null |\ +openssl x509 -noout -sha1 -fingerprint |\ +grep -oE '([A-Z0-9]{2}:?){20}' > ${FP_DIR}/TrustedServers.txt" + +# Main executable +ExecStart=@SYSTEMD_EXEC_PATH_PREFIX@barrierc --enable-crypto --display ${DISPLAY} --debug ${LOG_LEVEL} --no-daemon %i +# Restart on fail +Restart=always + +[Install] +# Install to graphical target +WantedBy=graphical.target diff --git a/dist/systemd/barriers.service.in b/dist/systemd/barriers.service.in new file mode 100644 index 00000000000..67f3f85b143 --- /dev/null +++ b/dist/systemd/barriers.service.in @@ -0,0 +1,41 @@ +# Barrier Server service barriers-@BARRIER_VERSION@ +# +# This file is part of Barrier. +# +# This systemd service starts barrier on the default port 24800. +# +# SSL data is stored in /var/lib/barrier:24800/barrier/SSL + +[Unit] +Description=Barrier Server listening on 24800 (Open-source KVM software) +Documentation=man:barriers(1) man:barrierc(1) +Documentation=https://github.com/debauchee/barrier/wiki +# Require network before starting barrierc +After=network-online.target +Wants=network-online.target +# Don't run server if client or another instance is running +Conflicts=barrierc@.service barriers@.service + +[Service] +Type=simple +# Log level may be FATAL, ERROR, WARNING, NOTE, INFO, DEBUG, DEBUG1, DEBUG2 +Environment=LOG_LEVEL=INFO +# Default display is :0 +Environment=DISPLAY=:0 +# Store SSL data in instance specific directories +Environment=XDG_DATA_HOME=/var/lib/barrier/barrier:24800 +# SSL data directory +Environment=CERT_DIR=/var/lib/barrier/barrier:24800/barrier/SSL +# Ensure the SSL directory exists +StateDirectory=barrier/barrier:24800/barrier/SSL +# Create the Barrier.pem certificate if it doesn't exist +ExecStartPre=/usr/bin/sh -c "[ -f ${CERT_DIR}/Barrier.pem ] || openssl req -x509 -nodes -days 365 -subj '/CN=Barrier' -newkey rsa:2048 -text -keyout ${CERT_DIR}/Barrier.pem -out ${CERT_DIR}/Barrier.pem" + +# Main executable +ExecStart=@SYSTEMD_EXEC_PATH_PREFIX@barriers --enable-crypto --display ${DISPLAY} --debug ${LOG_LEVEL} --config /etc/barrier.conf --no-daemon --address :24800 +# Restart on fail +Restart=always + +[Install] +# Install to graphical target +WantedBy=graphical.target diff --git a/dist/systemd/barriers@.service.in b/dist/systemd/barriers@.service.in new file mode 100644 index 00000000000..f9545a16522 --- /dev/null +++ b/dist/systemd/barriers@.service.in @@ -0,0 +1,54 @@ +# Barrier Server service barriers-@BARRIER_VERSION@ +# +# This file is part of Barrier. +# +# This is a systemd template service for running the barriers server using a +# specific port or IP. Instances are started using @[ip]:. For example: +# +# Starting: +# systemctl start barriers@0.0.0.0:24800 +# or: +# systemctl start barriers@:24800 +# +# Enabling: +# systemctl enable barriers@0.0.0.0:24800 +# +# SSL data is stored in /var/lib/barrier/barrier/barrier/SSL for each +# instance. + +[Unit] +Description=Barrier Server listening on %I (Open-source KVM software) +Documentation=man:barriers(1) man:barrierc(1) +Documentation=https://github.com/debauchee/barrier/wiki +# Require network before starting barrierc +After=network-online.target +Wants=network-online.target +# Don't run server if client or another server is running +Conflicts=barrierc@.service barriers.service +# Sanity check that /var/lib exists +ConditionPathExists=/var/lib + +[Service] +Type=simple +# Log level may be FATAL, ERROR, WARNING, NOTE, INFO, DEBUG, DEBUG1, DEBUG2 +Environment=LOG_LEVEL=INFO +# Default display is :0 +Environment=DISPLAY=:0 +# Store SSL data in instance specific directories +Environment=XDG_DATA_HOME=/var/lib/barrier/barrier%i +# SSL data directory +Environment=CERT_DIR=/var/lib/barrier/barrier%i/barrier/SSL +# Ensure the SSL directory exists +StateDirectory=barrier/barrier%i/barrier/SSL +# Create the Barrier.pem certificate if it doesn't exist +ExecStartPre=/usr/bin/sh -c "[ -f ${CERT_DIR}/Barrier.pem ] || openssl req -x509 -nodes -days 365 -subj '/CN=Barrier' -newkey rsa:2048 -text -keyout ${CERT_DIR}/Barrier.pem -out ${CERT_DIR}/Barrier.pem" + +# Main executable +ExecStart=@SYSTEMD_EXEC_PATH_PREFIX@barriers --enable-crypto --display ${DISPLAY} --debug ${LOG_LEVEL} --config /etc/barrier.conf --no-daemon --address %i +# Restart on fail +Restart=always + +[Install] +# Install to graphical target +WantedBy=graphical.target +DefaultInstance=:24800