Refactor Debian/Ubuntu packaging #2614
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Pull Request Revisions
✅ AI review completed for r3 HelpReact with emojis to give feedback on AI-generated reviews:
We'd love to hear from you—reach out anytime at [email protected]. |
kradalby
approved these changes
May 21, 2025
Collaborator
kradalby
left a comment
There was a problem hiding this comment.
One question, otherwise looks great, thanks for such thorough work!
Move files for packaging outside the docs directory into its own packaging directory. Replace the existing postinstall and postremove scripts with Debian maintainerscripts to behave more like a typical Debian package: * Start and enable the headscale systemd service by default * Does not print informational messages * No longer stop and disable the service on updates This package also performs migrations for all changes done in previous package versions on upgrade: * Set login shell to /usr/sbin/nologin * Set home directory to /var/lib/headscale * Migrate to system UID/GID The package is lintian-clean with a few exceptions that are documented as excludes and it passes puipars (both tested on Debian 12). The following scenarious were tested on Ubuntu 22.04, Ubuntu 24.04, Debian 11, Debian 12: * Install * Install same version again * Install -> Remove -> Install * Install -> Purge -> Install * Purge * Update from 0.22.0 * Update from 0.26.0 See: juanfont#2278 See: juanfont#2133 Fixes: juanfont#2311
The systemd target "syslog.target" and not required because syslog is socket activated. The directory /var/run is usually a symlink to /run and its created by systemd via the RuntimeDirectory=headscale option. System creates and handles permissions, no need to manually mark it as a read-write path.
Its old and our service file logs warning about unsupported options.
ghost
approved these changes
May 21, 2025
Comment on lines
+33
to
+41
| if dpkg --compare-versions "$2" lt-nl "0.27"; then | ||
| # < 0.24.0-beta.1 used /home/headscale as home and /bin/sh as shell. | ||
| # The directory /home/headscale was not created by the package or | ||
| # useradd but the service always used /var/lib/headscale which was | ||
| # always shipped by the package as empty directory. Previous versions | ||
| # of the package did not update the user account properties. | ||
| usermod --home "$HEADSCALE_HOME_DIR" --shell "$HEADSCALE_SHELL" \ | ||
| "$HEADSCALE_USER" >/dev/null | ||
| fi |
There was a problem hiding this comment.
In packaging/deb/postinst, the version check on line 33 compares against '0.27'. Is this the correct version for checking homes and shells? The comment on line 34 mentions 0.24.0-beta.1. Are you sure the version threshold is accurate?
| ;; | ||
|
|
||
| purge) | ||
| userdel headscale |
There was a problem hiding this comment.
In packaging/deb/postrm, the userdel command on line 28 doesn't have the same error handling pattern as other commands. Consider adding || true to handle the case where the user might have been manually removed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Please see commit messages for details.
NOTE: If this is merged, it needs to be part of 0.27.0 as the migration in the package checks for that version. The script output of various scenarios is attached. The only difference is that maintainer scripts are executed with
set -exinstead ofset -eto allow introspection.See: #2278
See: #2133
Fixes: #2311
ubuntu2204-scenario-install-purge-install.txt
lintian.txt
debian12-scenario-reinstall-same.txt
debian12-scenario-oldest-to-dev.txt
debian12-scenario-new-install.txt
debian12-scenario-latest-to-dev.txt
debian12-scenario-install-remove-install.txt
debian12-scenario-install-purge-install.txt
debian11-scenario-reinstall-same.txt
debian11-scenario-oldest-to-dev.txt
debian11-scenario-new-install.txt
debian11-scenario-latest-to-dev.txt
debian11-scenario-install-remove-install.txt
ubuntu2404-scenario-reinstall-same.txt
ubuntu2404-scenario-oldest-to-dev.txt
ubuntu2404-scenario-new-install.txt
ubuntu2404-scenario-latest-to-dev.txt
ubuntu2404-scenario-install-remove-install.txt
ubuntu2404-scenario-install-purge-install.txt
ubuntu2204-scenario-reinstall-same.txt
ubuntu2204-scenario-oldest-to-dev.txt
ubuntu2204-scenario-new-install.txt
ubuntu2204-scenario-latest-to-dev.txt
ubuntu2204-scenario-install-remove-install.txt
debian11-scenario-install-purge-install.txt
piparts.txt