diff --git a/cmd/finch-daemon/main.go b/cmd/finch-daemon/main.go index a9a69321..acaa37a4 100644 --- a/cmd/finch-daemon/main.go +++ b/cmd/finch-daemon/main.go @@ -21,6 +21,7 @@ import ( // register HTTP handler for /debug/pprof on the DefaultServeMux. _ "net/http/pprof" + "github.com/coreos/go-systemd/v22/activation" "github.com/coreos/go-systemd/v22/daemon" "github.com/runfinch/finch-daemon/api/router" "github.com/runfinch/finch-daemon/pkg/flog" @@ -69,6 +70,35 @@ func runAdapter(cmd *cobra.Command, _ []string) error { return run(options) } +func getListener(options *DaemonOptions) (net.Listener, error) { + var listener net.Listener + var err error + + if options.socketAddr == "fd://" { + if options.socketOwner != -1 { + return nil, fmt.Errorf("socket-owner is not supported while using socket activation using fd://") + } + + listeners, err := activation.Listeners() + if err != nil { + return nil, fmt.Errorf("cannot retrieve listeners: %w", err) + } + if len(listeners) != 1 { + return nil, fmt.Errorf("unexpected number of socket activations (%d != 1)", len(listeners)) + } + listener = listeners[0] + } else { + listener, err = net.Listen("unix", options.socketAddr) + if err != nil { + return nil, fmt.Errorf("failed to listen on %s: %w", options.socketAddr, err) + } + if err := os.Chown(options.socketAddr, options.socketOwner, options.socketOwner); err != nil { + return nil, fmt.Errorf("failed to chown the socket: %w", err) + } + } + return listener, nil +} + func run(options *DaemonOptions) error { // This sets the log level of the dependencies that use logrus (e.g., containerd library). if options.debug { @@ -84,14 +114,10 @@ func run(options *DaemonOptions) error { serverWg := &sync.WaitGroup{} serverWg.Add(1) - listener, err := net.Listen("unix", options.socketAddr) + var listener net.Listener + listener, err = getListener(options) if err != nil { - return fmt.Errorf("failed to listen on %s: %w", options.socketAddr, err) - } - // TODO: Revisit this after we use systemd to manage finch-daemon. - // Related: https://github.com/lima-vm/lima/blob/5a9bca3d09481ed7109b14f8d3f0074816731f43/examples/podman-rootful.yaml#L44 - if err := os.Chown(options.socketAddr, options.socketOwner, options.socketOwner); err != nil { - return fmt.Errorf("failed to chown the finch-daemon socket: %w", err) + return fmt.Errorf("failed to create a listener: %w", err) } if options.debugAddress != "" { diff --git a/docs/debug.md b/docs/debug.md index cb5f9320..b05647f9 100644 --- a/docs/debug.md +++ b/docs/debug.md @@ -11,7 +11,7 @@ sudo journalctl -u finch ``` > **Note** -> The command above assumes that you have used the unit file definition [finch.service](../finch.service) we have provided. If you have created your own unit file for `finch-daemon` and replace `finch-daemon` with the one you have made. Amazon Linux distributions of Finch also use the name `finch` for the finch-daemon service. +> The command above assumes that you have used the unit file definition [finch.service](./sample-service-files/finch.service) we have provided. If you have created your own unit file for `finch-daemon` and replace `finch-daemon` with the one you have made. Amazon Linux distributions of Finch also use the name `finch` for the finch-daemon service. If you have started `finch-daemon` manually, logs will either be emitted to stderr/stdout. diff --git a/docs/finch-daemon-with-systemd.md b/docs/finch-daemon-with-systemd.md new file mode 100644 index 00000000..13a38236 --- /dev/null +++ b/docs/finch-daemon-with-systemd.md @@ -0,0 +1,24 @@ +# Using finch-daemon with systemd + + +# Configuring finch-daemon to support socket activation + +This guide provides instructions for setting up and using socket activation for the Finch Daemon with systemd. + +### Configure Socket and Service Files + +Add the following configuration files to systemd: + +### Socket Configuration + +Create the socket unit file at `/etc/systemd/system/finch.socket`. An example can be found in [finch-socket-activation.socket](./sample-service-files/finch-socket-activation.socket) + +### Service file Configuration + +Create the service unit file at /etc/systemd/system/finch.service. An example can be found in [finch-socket-activation.service](./sample-service-files/finch-socket-activation.service) + + +### Enable the service + +sudo systemctl enable finch.socket finch.service +sudo systemctl start finch.socket diff --git a/docs/sample-service-files/finch-socket-activation.service b/docs/sample-service-files/finch-socket-activation.service new file mode 100644 index 00000000..e69de29b diff --git a/docs/sample-service-files/finch-socket-activation.socket b/docs/sample-service-files/finch-socket-activation.socket new file mode 100644 index 00000000..e69de29b diff --git a/finch.service b/docs/sample-service-files/finch.service similarity index 100% rename from finch.service rename to docs/sample-service-files/finch.service