Tinc package on 2.3
-
What is going to happen after upgrade? It will be working without UI?
Or it will be discarded?
I do not see it in the Package port list
I use Tinc on all my pfSense routers and wonder if it is possible to install it via command line
-
i hope so :-(
or i need to stand at 2.2.6 :-/
currently its listed under removed packages ;-(
https://doc.pfsense.org/index.php/2.3_Removed_Packages
-
I find this interesting that it is listed as "no package maintainer" yet the package for 2.2.x was updated within the last 3 months. I believe in January. I too am dependent on the tinc vpn.
If need be I would be willing to help maintain the package.. I just need to figure out what it takes to do it.
-
Removed … wow.
This way I'll have to stay on 2.2.6 or check for another router software
Anyway, since I am not familiar with FreeBSD,
can I install Tinc without GUI and run it as FreeBSD service?
Tinc is rather easy to setup with command line
-
Hi Reepicheep,
To maintain a package imho the first requirement is to keep it working on recent versions of pfSense.
And if time permits add a feature here and there if you deem it useful in general ;).Whats currently most required for Tinc (and most other packages) is to define a pfSense-pkg-tinc package for it, copy over the old php/inc/xml files, make them work, and adapt them where needed to the new bootstrap gui. Some info about it here https://forum.pfsense.org/index.php?topic=103481.0
Then send a pullrequest on github, and wait for it to get pulled..If your on irc ##pfsense i can probably help you figure out some things. I'm only there during evenings(GMT+2) and weekends though. Can always try to pm me :) .. Personally i maintain haproxy package..
Regards, PiBa-NL
-
PiBa,
Thanks for you help and direction. This is important enough for me personally and us (we use pfsense a few places at work) professionally that I'm going to attempt to do this. I did start reading through some of the materials last week on converting the tinc package to bootstrap. It does not look like it will be to bad but I am making that statement before I have ever actually worked through the process. ;)
-
If you need a beta tester, i would like to help ^^
i have a pfSense 2.3 testsystem and some tinc clients/server (raspberry, windows pcs and other pfsense 2.2.6 clients/server)
-
Any progress?
I would also like to help test this extension. -
Hello guys,
I would be very glad to receive some help with packaging - I've just started a few hours ago with FreeBSD packages and ports from absolutely nothing.
However, I can confirm I have an installable tinc 1.0.28 package for pfSense 2.3. Can you please review the code if it's ready for a pull request? I'm concerned it doesn't build on the official pfSense builder machine. For some reason, I cannot manage to include the compiled binary when creating the package, it must be some banal mistake I make at this late hour.Installation:
-
Diagnostics -> Command Prompt -> Upload file
-
From console: pkg add /tmp/pfSense-pkg-tinc-1.0.28.txz
Attached package and source. Alternative URLs:
Package: https://dl.dropboxusercontent.com/u/4512442/pfSense-pkg-tinc-1.0.28.txz (FIXME: tincd binary doesn't get copied to the package - syntax mistake in Makefile?)
Source: https://dl.dropboxusercontent.com/u/4512442/pfSense-pkg-tinc.tar.gzAny feedback is very much appreciated! Thank you in advance.
-
-
Wow, great news! Thanks!
I'll try on Sunday evening (EST). Obviously, I just can try if it works, have no experience with pfSense programming
So, just to copy a binary built after install, that's all?
Where it supposed to go? /usr/local/sbin/ ?
-
No, what I just realized is that it actually works as designed. The binary is not supposed to be part of the pfSense package.
So when you want to install tinc, it will actually install 2 packages:- the official tinc package
- and then the pfSense-pkg-tinc extra package, which is basically the GUI adapted to pfSense
(-> and the Makefile is basically just a pointer to require the official package at runtime - it's a great approach!)
Since the official tinc package is not available yet on this pfSense release, what you can do is to copy the txz package and install it from command line, then install the extra pF-related package. I can confirm this way it works fine.
I have attached the compiled tinc 1.0.28 FreeBSD port, but feel free to compile it yourself for security considerations. (on a FreeBSD 10.2: cd /usr/ports/security/tinc; make package).
Meanwhile, I also realized the Tinc status PHP page has to be adapted to Bootstrap because it looks a bit messed up, I'm already working on it, still needs some final touches then I will share it too.
-
Hi dmegyesi,
I gave it a quick little check on 1 pfSense test machine (without actually connecting anywhere) as i'm not actively using tinc. So i have not fully tested its workings, but my guess is you have already done that.
From what i see it looks valid except you should indeed drop 'tincd' binary from the pfSense package 'makefile' the package dependency will indeed take care of that.
For testing i used "pkg add http://pkg.freebsd.org/freebsd:10:x86:64/release_3/All/tinc-1.0.26_1.txz" to add that package from the FreeBSD repository.. I suppose i could have used http://pkg.freebsd.org/freebsd:10:x86:64/latest/All/tinc-1.0.28.txz as well.. But anyway package looks like i remember it from 2.2 and tincd daemon seems to be properly started with some basic configurations.
If you can send pullrequest on github that would be great :) (dont forget to sign the 2 pfSense contributer licence agreements)
Regards,
PiBa-NL -
Cool,
I use tinc for all controlled offices.
Though, I'd wait until it is all done. 3 days before leaving for vacations is not best time for experimenting on real business
-
b.t.w. Did notice a php warning(only pfsense development snapshots show those, the release version only shows 'errors'..):
[11-Jun-2016 16:28:24 CET] PHP Warning: rename(/usr/local/etc/tinc/,/usr/local/etc/tinc/.old): Invalid argument in /usr/local/pkg/tinc.inc on line 67 [11-Jun-2016 16:28:24 CET] PHP Stack trace: [11-Jun-2016 16:28:24 CET] PHP 1\. {main}() /usr/local/www/pkg_edit.php:0 [11-Jun-2016 16:28:24 CET] PHP 2\. eval() /usr/local/www/pkg_edit.php:255 [11-Jun-2016 16:28:24 CET] PHP 3\. tinc_save() /usr/local/www/pkg_edit.php(255) : eval()'d code:1 [11-Jun-2016 16:28:24 CET] PHP 4\. rename() /usr/local/pkg/tinc.inc:67 [11-Jun-2016 16:29:13 CET] PHP Warning: rename(/usr/local/etc/tinc/,/usr/local/etc/tinc/.old): Invalid argument in /usr/local/pkg/tinc.inc on line 67 [11-Jun-2016 16:29:13 CET] PHP Stack trace: [11-Jun-2016 16:29:13 CET] PHP 1\. {main}() /usr/local/www/pkg_edit.php:0 [11-Jun-2016 16:29:13 CET] PHP 2\. eval() /usr/local/www/pkg_edit.php:255 [11-Jun-2016 16:29:13 CET] PHP 3\. tinc_save() /usr/local/www/pkg_edit.php(255) : eval()'d code:1 [11-Jun-2016 16:29:13 CET] PHP 4\. rename() /usr/local/pkg/tinc.inc:67Maybe you could check why this happens.?
-
Thank you guys very much for the quick feedbacks!
I have fixed the Makefile as discussed, it should be okay now.
I haven't managed to produce the mentioned warning, however by looking at the code I believe it's caused by trying to rename the tinc/ folder to tinc/.old, so I removed the trailing slash at the end in that variable. All the rest of the lines later using this config folder variable are explicitly adding the beginning slash anyway, so it shouldn't cause any issue.
Pull request submitted: https://github.com/pfsense/FreeBSD-ports/pull/149
Hope to see the package offically back to pfSense very soon. :) -
@ dmegyesi
The version you compiled is a 64bit version?
Du you have a 32bit version too ?
-
Hi,
I believe it should work basically on any architecture, the package I prepared is not hard-wired for anything special, it just depends on the tinc package itself. As long as the original package is available for i386, I think it should work. I don't have such a system to test though.
-
Building a new pfSense right now… If TINC could be on there, it'd be great, since it's currently on a different machine in the network and being routed through it... It works... mostly...
Having it on the pfSense box should make it much easier, as I'd no longer have to depend on another box and vague routing glitches... ;)
-
dmegyesi, i checked the pull request, i'm not that familiar with github, but theres a CLA logo next to it. does it mean its waiting for you to accept a contributor license agreement?
-
It means it's verified that I have already accepted the CLA. So right now it's waiting for review and merge by the pfSense team. As I see there isn't much progress with some older pull requests neither, so I believe they might be busy.