KTailctl icon indicating copy to clipboard operation
KTailctl copied to clipboard
verified publisher icon f-koehler

check if daemon is running and allow start

Open boschkundendienst opened this issue 2 years ago • 7 comments

Hi, thanks for that great UI. I have one feature request. May tailscaled is setup for manual starting. When I want to use ktailctl I first have to start the daemon. It would be very nice when checking for the daemon as you already do when I see this in the output:

Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: no such file or directory

it would be nice if the GUI would still start but ask to start the daemon and if needed for permission to start it.

boschkundendienst avatar Jun 27 '23 17:06 boschkundendienst

@boschkundendienst, thanks for the feedback! I think I get your point. It actually aligns with some other cases I want to handle better in the future:

  • Detect whether a login to Tailscale is required.
  • Detect whether the current user is the operator and disable parts of the UI if he is not.

One big problem that I see is that the startup of tailscale might work differently for different people. Some people might use a systemd service while others might do it manually as you seem to be doing. Maybe it is possible to add some config options to handle this.

Also there is then the issue of privilege escalation which could for example achieved via KAuth.

Can you maybe share the command with which you start tailscaled? I think then one should also handle non-standard socket paths, etc.

f-koehler avatar Jun 27 '23 18:06 f-koehler

I use sudo systemctl start tailscaled on Manjaro.

boschkundendienst avatar Jun 27 '23 18:06 boschkundendienst

Ah I see, thought you where manually executing tailscaled with some flags. Maybe a good first step would be to detect whether the system runs systemd and then ask to start the service. Other scenarios (non-systemd based distros) could be handled later.

f-koehler avatar Jun 27 '23 18:06 f-koehler

thanks for your update. I would suggest creating a configuration file with an entry like this

initsystem=systemd daemon=tailscaled initcommand=systemctl start $daemon

or something like that.

Thanks for looking into it.

I can handle this but maybe at least the ui should come up grayed out telling daemon not running or something similar.

good work btw!

boschkundendienst avatar Jun 27 '23 21:06 boschkundendienst

Version 0.6.0 should appear on flathub in the next few hours. This release deactivates most parts of the interface when the tailscale local API is not accessible.

I am still evaluating what the best way of asking the user to start tailscaled is. Especially considering the ramifications for the flatpak. For systemd this would probably mean talking to systemd via the D-BUS interface on the system bus which will likely involve some authentication.

@boschkundendienst Just out of interest: what is your motivation for not automatically starting tailscaled by enabling it in systemd?

f-koehler avatar Jul 02 '23 10:07 f-koehler

I have not only tailscale, I use Nebula, my own Wireguard, Tink and other stuff. They sometimes interfer, eg. my own Wireguard also uses 100.x.x.x. that's why I start them on demand.

boschkundendienst avatar Jul 02 '23 10:07 boschkundendienst

@boschkundendienst Wow you are using all the VPN tools :laughing: Makes sense that you run into conflicts then.

I will continue to explore how to best start tailscale.

f-koehler avatar Jul 02 '23 11:07 f-koehler