Installation on FreeBSD/TrueNAS jails

[sidbena]

Prerequisites

• I have checked the Wiki and Discussions and found no answer

• I have searched other issues and found no duplicates

• I want to report a bug and not ask a question

Operating system type

FreeBSD

CPU architecture

AMD64

Installation

GitHub releases or script from README

Setup

On one machine

AdGuard Home version

v0.107.22

Description

What did you do?

Tried to install AdGuardHome in my TrueNAS jail with the curl ... | sh script.

Expected result

AdGuardHome installed, possibly with AdGuardHome installed as a service.

Actual result

either curl or wget is required to install AdGuard Home via this script

Screenshots (if applicable)

Additional information

If I'm not mistaken, TrueNAS jails by default have no curl or wget, but they do have the native fetch command.
I tried to execute the install command (curl -s -S -L https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh | sh -s -- -v) with my jail, but naturally this fails. So I instead changed to fetch (fetch -o - https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh | sh -s -- -v) but the script quickly realizes that curl or wget isn't available and exits.

I would like TrueNAS jails to be natively supported, with these changes:

1. Change the README to have a section for TrueNAS/FreeBSD installations to use fetch instead:

fetch -o - https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh | sh -s -- -v

2. Change the script to support fetch installs on TrueNAS/FreeBSD, and install into %%PREFIX%%/bin/<product_name>.
3. Edit the rc.d script for service installations on TrueNAS/FreeBSD to support RC variables, such as adguard_enable, working_directory or log_file, as per https://cgit.freebsd.org/ports/tree/www/adguardhome/files/adguardhome.in.
   This would also require changing the code in AdGuardHome/internal/home/service.go and possibly other files to accommodate this change.

I'm happy to assist with testing on TrueNAS and/or ventilate any questions that might arise.
Thanks in advance!

[EugeneOne1]

@sidbena, hello. We've updated the installation script and the README.md to support the fetch command. Could you please check it out?

Also, could you please provide some details on the third part? We're ready to make these changes but we'd like to have some documentation to make sure that we're understand what kind of issue we're solving here. Thanks.

[sidbena]

Hello again,
I tried running your installation script and got this:

# fetch -o - https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh | sh -s -- -v
-                                                       12 kB   33 MBps    00s
starting AdGuard Home installation script
channel: release
operating system: freebsd
cpu type: amd64
AdGuard Home will be installed into /opt/AdGuardHome
checking tar
script is executed with root privileges
no need to uninstall
downloading package from https://static.adtidy.org/adguardhome/release/AdGuardHome_freebsd_amd64.tar.gz -> AdGuardHome_freebsd_amd64.tar.gz
AdGuardHome_freebsd_amd64.tar.gz                      8921 kB   25 MBps    01s
successfully downloaded AdGuardHome_freebsd_amd64.tar.gz
unpacking package from AdGuardHome_freebsd_amd64.tar.gz into /opt
successfully unpacked, contents:
total 3
-rwxrwxrwx  1 root  wheel  27090944 Feb  1 14:18 AdGuardHome
-rw-rw-rw-  1 root  wheel       587 Feb  1 14:18 AdGuardHome.sig
-rw-r--r--  1 root  wheel     64493 Feb  1 14:18 CHANGELOG.md
-rw-r--r--  1 root  wheel     35149 Feb  1 14:18 LICENSE.txt
-rw-r--r--  1 root  wheel     21202 Feb  1 14:18 README.md
2023/02/12 22:24:48 [info] AdGuard Home, version v0.107.23
2023/02/12 22:24:48 [info] service: control action: install
2023/02/12 22:24:48 [fatal] service: starting: Failed to start AdGuard Home service: exit status 1
installation failed, removing /opt/AdGuardHome
cannot install AdGuardHome as a service

So something relating to installing AdGuardHome as a service is failing.

---

Regarding the third part, I'm referring to the rc script that the service installation is installing, which seems to be this:

#!/bin/sh
# PROVIDE: AdGuardHome
# REQUIRE: networking
# KEYWORD: shutdown

. /etc/rc.subr

name="AdGuardHome"
AdGuardHome_env="IS_DAEMON=1"
AdGuardHome_user="root"
pidfile_child="/var/run/${name}.pid"
pidfile="/var/run/${name}_daemon.pid"
command="/usr/sbin/daemon"
command_args="-P ${pidfile} -p ${pidfile_child} -T ${name} -r /opt/AdGuardHome/AdGuardHome"
run_rc_command "$1"

Compare that to the rc script that's installed with the port installer that I linked to and you'll notice that there are a few additional variables and features being usable with that, such as defining a working folder, a config file path and others. When I setup AdGuardHome in a jail I like being able to define a config path that's mounted so that I can easily transfer my config to a new jail should I need to.

[EugeneOne1]

@sidbena, thanks for a thorough report, we're looking into the script. For now, could you please help us a bit more? We'd like to see the output of manual service installation with something like:

sudo ./AdGuardHome -v -s install

You may download the archive with binary file directly from our server, just like the installation script does:

fetch -o ./agh.tar.gz https://static.adtidy.org/adguardhome/release/AdGuardHome_freebsd_amd64.tar.gz

The -v option is important here because to properly troubleshoot the issue, we need a verbose output. If it contains some sensitive information, you may send a redacted version to devteam@adguard.com with this issue number in the subject.

[sidbena]

By the looks of things, that actually went OK.

2023/02/15 22:28:20 [info] AdGuard Home, version v0.107.23
2023/02/15 22:28:20 [info] service: control action: install
2023/02/15 22:28:21 [info] service: started
2023/02/15 22:28:21 [info] Almost ready!
AdGuard Home is successfully installed and will automatically start on boot.
There are a few more things that must be configured before you can use it.
Click on the link below and follow the Installation Wizard steps to finish setup.
AdGuard Home is now available at the following addresses:
2023/02/15 22:28:21 [info] go to http://[::1]:3000
2023/02/15 22:28:21 [info] go to http://[fe80::1%lo0]:3000
2023/02/15 22:28:21 [info] go to http://127.0.0.1:3000
2023/02/15 22:28:21 [info] go to http://192.168.1.6:3000
2023/02/15 22:28:21 [info] service: action install has been done successfully on freebsd

Does something differ in the two ways to install AdGuardHome as a service? I.e. with using the install script and with using the binary itself?
I just tried the script way again (after removing /usr/local/etc/rc.d/AdGuardHome to allow the install to re-create it), and the script failed again, with the same fairly vague error (cannot install ... as a service)

[EugeneOne1]

@sidbena, I see. We've just pushed the fixed script, could you please check the one? We seem to have omitted the necessary privileges from the action of installing the service.

[sidbena]

I tried running the install script again and noticed this line in the output; sh: sudo: not found. A default TrueNAS jail does not contain sudo. Also, if the script is already running in a root context (which you already check with the function here), any spawned process would inherit this and not require sudo, unless I'm mistaken. Getting the path to the currently running shell could be gotten with something like this:

# which $(ps -cp $$ | tail -1 | awk '{print $NF}')
/usr/local/bin/zsh

Therefor re-running the script could be done with:

cur_shell=$(which $(ps -cp $$ | tail -1 | awk '{print $NF}'))
# and then the code to re-run
{ "$download_func" "$script_url" || echo 'exit 1'; }\
		| $cur_shell -s -- -c "$channel" -C "$cpu" -O "$os" -o "$out_dir" "$r" "$u" "$v"

but perhaps I'm misinterpreting something, or I've missed something vital you're doing in the process. I think it'd be good to check for sudo if you're gonna use it, even if the script is running as root. Since I haven't checked out the code in its entirety, I'm more than likely missing the reasoning.

[xpufx]

Having the same problem. Looks like the script knows it's running as root, but still tries to run sudo anyway. (I haven't tested with the unreleased commits). Script should not run sudo if it's running as root. It should actually never run sudo , but ask the user to run the script as root. I know why you might refrain from it - internet script piped to shell and everything, but since sudo is needed later, this is not real security anyway.

By the way, is there a way to NOT remove the installed files. Presumably I could fix this install easily just by moving the init script where it's supposed to go, but by the end of a failed run, everything is deleted.

Note that I just pkg installed sudo to have the script complete.

 # fetch -vo - https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh | sh -s -- -v
resolving server address: raw.githubusercontent.com:443
SSL options: 82004854
Peer verification enabled
Using OpenSSL default CA cert file and path
Verify hostname
TLSv1.3 connection established using TLS_AES_128_GCM_SHA256
Certificate subject: /C=US/ST=California/L=San Francisco/O=GitHub, Inc./CN=*.github.io
Certificate issuer: /C=US/O=DigiCert Inc/CN=DigiCert TLS RSA SHA256 2020 CA1
requesting https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh
remote size / mtime: 13133 / 0
-                                                       12 kB 4727 kBps    00s
starting AdGuard Home installation script
channel: release
operating system: freebsd
cpu type: amd64
AdGuard Home will be installed into /opt/AdGuardHome
checking tar
script is executed with root privileges
no need to uninstall
downloading package from https://static.adtidy.org/adguardhome/release/AdGuardHome_freebsd_amd64.tar.gz -> AdGuardHome_freebsd_amd64.tar.gz
AdGuardHome_freebsd_amd64.tar.gz                      9544 kB 5931 kBps    02s
successfully downloaded AdGuardHome_freebsd_amd64.tar.gz
unpacking package from AdGuardHome_freebsd_amd64.tar.gz into /opt
successfully unpacked, contents:
total 3
-rwxrwxrwx  1 root  wheel  28909568 Dec  7 18:00 AdGuardHome
-rw-rw-rw-  1 root  wheel       587 Dec  7 18:00 AdGuardHome.sig
-rw-r--r--  1 root  wheel    102866 Dec  7 18:00 CHANGELOG.md
-rw-r--r--  1 root  wheel     35149 Dec  7 18:00 LICENSE.txt
-rw-r--r--  1 root  wheel     21918 Dec  7 18:00 README.md
sh: sudo: not found
installation failed, removing /opt/AdGuardHome
cannot install AdGuardHome as a service