jacobpascual/tailscale-initramfs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f475be81b94b7ecbeb13162eff7ed4b29ed92cc0
tailscale-initramfs/scripts/init-premount/tailscale
Paul Aurich 564c3c3539 Create /etc/resolv.conf in initramfs for tailscale client 
On Debian systems, unless configured by something else, there isn't an
/etc/resolv.conf in the initramfs, which hinders DNS resolution.
Tailscale has its fallback DNS functionality, but that has problems [1]
in the corner-case situation of a Debian initramfs environment:

- no /etc/resolv.conf means tailscale (or golang?) attempts to use
  127.0.0.1 as a DNS resolver
- the loopback interface (lo) isn't brought up in the initramfs. linux
  sends the DNS traffic off-device (destined for 127.0.0.1)

Even with the Tailscale fix for that issue, it's a fallback and there's
a noticeable delay, so do the correct thing here and create
/etc/resolv.conf.

[1] https://github.com/tailscale/tailscale/issues/6110
2023-05-03 19:53:13 -07:00

120 lines
2.8 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh
#set -e
PREREQ="udev"
prereqs()
{
echo "$PREREQ"
}
case $1 in
prereqs)
prereqs
exit 0
;;
esac
[ -x /bin/tailscale ] || exit 0
. /scripts/functions
PIDFILE="/run/tailscale.pid"
if [ -e /etc/tailscale/initramfs/config ]; then
. /etc/tailscale/initramfs/config
fi
if [ -z "${TAILSCALE_HOSTNAME-}" ]; then
if [ -f /etc/tailscale/initramfs/hostname ]; then
HOSTNAME=$(cat /etc/tailscale/initramfs/hostname)
else
HOSTNAME=$(hostname -s)
fi
TAILSCALE_HOSTNAME=${HOSTNAME}-initramfs
fi
network_up()
{
for conf in /run/net-*.conf /run/net6-*.conf; do
if [ -e "$conf" ]; then
# shellcheck disable=SC1090
. "$conf"
return 0
fi
done
return 1
}
# shellcheck disable=SC3043
create_resolv_conf()
{
if [ -e /etc/resolv.conf ]; then
return
fi
local ns
for ns in "${IPV4DNS0:-}" "${IPV4DNS1:-}" "${IPV6DNS0:-}" "${IPV6DNS1:-}"; do
if [ -n "$ns" ] && [ "$ns" != "0.0.0.0" ]; then
echo "nameserver $ns" >> /etc/resolv.conf
fi
done
if [ -e /etc/resolv.conf ]; then
return
fi
for ns in ${FALLBACK_DNS_SERVERS:-}; do
if [ -n "$ns" ]; then
echo "nameserver $ns" >> /etc/resolv.conf
fi
done
}
# shellcheck disable=SC2039,SC2086,SC3043
run_tailscale()
{
log_begin_msg "Starting tailscale"
local options="--state=/var/lib/tailscale/tailscaled.state --socket=/run/tailscale/tailscaled.sock"
# FIXME: This races with dropbear-initramfs bringing up the network
# asynchronously
if [ "$BOOT" != nfs ]; then
# Keep trying to bring up the network until it's up
# or the boot process continues toward finish.
while true; do
# "." builtin (in dash) exits on error. Run configure_networking
# in a subshell and wait for it.
configure_networking &
wait $!
if ! [ -e "$PIDFILE" ]; then
break
fi
if network_up; then
create_resolv_conf
break
fi
done
fi
# A little race-y to start the client before the daemon, but the client
# will attempt to connect to the socket for a while.
# https://github.com/tailscale/tailscale/blob/8cf1af8a0703c36256fc58e98ddb63b8907848f1/safesocket/safesocket.go#L119-L122
/bin/tailscale --socket=/run/tailscale/tailscaled.sock up --authkey="${TAILSCALE_AUTHKEY}" --hostname="${TAILSCALE_HOSTNAME}" $TAILSCALE_OPTIONS &
if [ "${debug:-}" != y ]; then
exec 2>/run/initramfs/tailscale.log
fi
exec /sbin/tailscaled $options $TAILSCALED_OPTIONS
}
[ "$BOOT" = nfs ] && configure_networking
modprobe tun
run_tailscale &
echo $! > "$PIDFILE"
exit 0
Reference in New Issue View Git Blame Copy Permalink