install as distro (sakai135#37)

sakai135 · web-flow · commit ceb7473efb7b · 2021-09-20T01:56:10.000-04:00
* install as distro

* add config option for forwarding

* small edits to readme

* move distro files to dir

* use same dir to install distro as readme

* build npiperelay.exe

* verify Docker Desktop Installer file

* add build ref to distro image

* update readme

* show installed package versions

* update build

* Create LICENSE
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,6 @@
+.git
+.github
+.dockerignore
+distro/Dockerfile
+README.md
+distro/test.sh
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,32 @@
+name: Build
+
+on:
+  push:
+  pull_request:
+    branches: [ $default-branch ]
+
+env:
+  TAG_NAME: ${{ format('wslvpnkit:{0}-{1}', github.sha, github.run_number) }}
+
+jobs:
+
+  build:
+    runs-on: ubuntu-20.04
+    steps:
+    - uses: actions/checkout@v2
+    - name: Build
+      run: |
+        docker build -t $TAG_NAME -f ./distro/Dockerfile --build-arg REF=$TAG_NAME .
+    - name: Package
+      run: |
+        CONTAINER_ID=$(docker create $TAG_NAME)
+        docker export $CONTAINER_ID | gzip > wsl-vpnkit.tar.gz
+        sha256sum wsl-vpnkit.tar.gz | tee wsl-vpnkit.tar.gz.sha256
+        ls -la wsl-vpnkit.tar.gz wsl-vpnkit.tar.gz.sha256
+    - name: Artifacts
+      uses: actions/upload-artifact@v2
+      with:
+        name: wsl-vpnkit
+        path: |
+          wsl-vpnkit.tar.gz
+          wsl-vpnkit.tar.gz.sha256
diff --git a/LICENSE b/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021 Keiichi Shimamura
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/README.md b/README.md
@@ -1,138 +1,74 @@
 # wsl-vpnkit
 
-Uses [VPNKit](https://github.com/moby/vpnkit) and [npiperelay](https://github.com/jstarks/npiperelay) to provide network connectivity to the WSL 2 VM. This requires no settings changes or admin privileges on the Windows host.
+The `wsl-vpnkit` script uses [VPNKit](https://github.com/moby/vpnkit) and [npiperelay](https://github.com/jstarks/npiperelay) to provide network connectivity to the WSL 2 VM while connected to VPNs on the Windows host. This requires no settings changes or admin privileges on the Windows host.
 
-## Setup
-
-The following steps will use WSL to setup `wsl-vpnkit`. If you do not have connectivity in WSL 2, you can [switch your WSL version](https://docs.microsoft.com/en-us/windows/wsl/install-win10#set-your-distribution-version-to-wsl-1-or-wsl-2) to WSL 1 for setup and back to WSL 2 once done. Alternatively, you can refer to [this post to setup `wsl-vpnkit` from the Windows side](https://github.com/sakai135/wsl-vpnkit/issues/11#issuecomment-777806102).
-
-### Install `vpnkit.exe` and `vpnkit-tap-vsockd`
-
-This will download and extract `vpnkit.exe` and `vpnkit-tap-vsockd` from the [Docker Desktop for Windows installer](https://docs.docker.com/docker-for-windows/install/). Alternatively, build `vpnkit.exe` and `vpnkit-tap-vsockd` from [VPNKit](https://github.com/moby/vpnkit).
-
-```sh
-sudo apt install p7zip-full
-```
-
-```sh
-wget https://desktop.docker.com/win/stable/amd64/67351/Docker%20Desktop%20Installer.exe
-7z e Docker\ Desktop\ Installer.exe resources/vpnkit.exe resources/wsl/docker-for-wsl.iso
-7z e docker-for-wsl.iso containers/services/vpnkit-tap-vsockd/lower/sbin/vpnkit-tap-vsockd
-rm Docker\ Desktop\ Installer.exe docker-for-wsl.iso
-
-mkdir -p /mnt/c/bin
-mv vpnkit.exe /mnt/c/bin/wsl-vpnkit.exe
-
-chmod +x vpnkit-tap-vsockd
-sudo chown root:root vpnkit-tap-vsockd
-sudo mv vpnkit-tap-vsockd /usr/local/sbin/vpnkit-tap-vsockd
-```
-
-### Install `npiperelay.exe`
+The releases bundle the script together with VPNKit and npiperelay in an [Alpine](https://alpinelinux.org/) distro.
 
-Download from [npiperelay](https://github.com/jstarks/npiperelay).
+## Setup
 
-```sh
-wget https://github.com/jstarks/npiperelay/releases/download/v0.1.0/npiperelay_windows_amd64.zip
-7z e npiperelay_windows_amd64.zip npiperelay.exe
-rm npiperelay_windows_amd64.zip
+Download the prebuilt file `wsl-vpnkit.tar.gz` from the [latest release](https://github.com/sakai135/wsl-vpnkit/releases/latest) and import the distro into WSL 2. Running the distro will show a short intro and exit.
 
-mkdir -p /mnt/c/bin
-mv npiperelay.exe /mnt/c/bin/
+```pwsh
+wsl --import wsl-vpnkit $env:USERPROFILE\wsl-vpnkit wsl-vpnkit.tar.gz
+wsl -d wsl-vpnkit
 ```
 
-### Install `socat`
+Start `wsl-vpnkit` from Windows or your other WSL 2 distros. Add the command to your `.profile` or `.bashrc` to start `wsl-vpnkit` when you open your WSL terminal.
 
 ```sh
-sudo apt install socat
+wsl.exe -d wsl-vpnkit service wsl-vpnkit start
 ```
 
-### Configure DNS for WSL
+### Notes
 
-Disable WSL from generating and overwriting `/etc/resolv.conf` with the [network options in `wsl.conf`](https://docs.microsoft.com/en-us/windows/wsl/wsl-config#network).
+* Services on the WSL 2 VM are accessible from the Windows host using `localhost`.
+* Services on the Windows host are accessible from WSL 2 using `host.internal`.
 
-```sh
-sudo tee /etc/wsl.conf <<EOL
-[network]
-generateResolvConf = false
-EOL
-```
+### Uninstall
 
-Shutdown the WSL2 VM and reopen your shell for `wsl.conf` to take effect.
+To uninstall, unregister the distro.
 
-```sh
-wsl.exe --shutdown
+```pwsh
+wsl --unregister wsl-vpnkit
+rm -r $env:USERPROFILE\wsl-vpnkit
 ```
 
-Manually set DNS servers to use when not running `wsl-vpnkit`. [`1.1.1.1`](https://1.1.1.1/dns/) is provided here as an example.
-
-```sh
-sudo tee /etc/resolv.conf <<EOL
-nameserver 1.1.1.1
-EOL
-```
+### Build
 
-### Clone `wsl-vpnkit`
+This will build and import the distro.
 
 ```sh
 git clone https://github.com/sakai135/wsl-vpnkit.git
 cd wsl-vpnkit/
-```
-
-## Run
-
-```sh
-sudo ./wsl-vpnkit
-```
-
-Keep this terminal open.
-
-In some environments, explicitly pass the environment variable `WSL_INTEROP` to `sudo`.
-
-```sh
-sudo --preserve-env=WSL_INTEROP ./wsl-vpnkit
-```
-
-Services on the WSL 2 VM should be accessible from the Windows host using `localhost` through [the WSL networking integrations](https://devblogs.microsoft.com/commandline/whats-new-for-wsl-in-insiders-preview-build-18945/#use-localhost-to-connect-to-your-linux-applications-from-windows) which can be configured by the [`localhostForwarding` option in `.wslconfig`](https://docs.microsoft.com/en-us/windows/wsl/wsl-config#wsl-2-settings). Services on the Windows host should be accessible from WSL 2 using the IP from `VPNKIT_HOST_IP` (`192.168.67.2`).
-
-## Run in the Background
-
-This uses `wsl.exe` and `start-stop-daemon` to run `wsl-vpnkit` in the background. A log file will be created at `/var/log/wsl-vpnkit.log` with the output from `wsl-vpnkit`.
-
-```sh
-sudo ./wsl-vpnkit.service start
-```
-
-## Run as a Service
-
-This is an example setup to run `wsl-vpnkit` as a service.
 
-### Create Service
-
-```sh
-sudo ln -s $(pwd)/wsl-vpnkit.service /etc/init.d/wsl-vpnkit
+./distro/test.sh
 ```
 
-### Setup Sudoers
-
-This allows running the `wsl-vpnkit` service without entering a password every time.
+## Using `wsl-vpnkit` as a standalone script
 
-This step can be dangerous. Read [Sudoers](https://help.ubuntu.com/community/Sudoers) before doing this step.
+The `wsl-vpnkit` script can be used as a normal script in your existing distro. This is an example setup script for Ubuntu.
 
 ```sh
-sudo visudo -f /etc/sudoers.d/wsl-vpnkit
-```
+USERPROFILE=$(wslpath "$(/mnt/c/WINDOWS/System32/WindowsPowerShell/v1.0/powershell.exe -c '$env:USERPROFILE' | tr -d '\r')")
+mkdir -p "$USERPROFILE/wsl-vpnkit"
 
-```
-yourusername ALL=(ALL) NOPASSWD: /usr/sbin/service wsl-vpnkit *
-```
+sudo apt install p7zip-full socat
 
-### Run Automatically
+wget https://desktop.docker.com/win/stable/amd64/67351/Docker%20Desktop%20Installer.exe
+7z e Docker\ Desktop\ Installer.exe resources/vpnkit.exe resources/wsl/docker-for-wsl.iso
+7z e docker-for-wsl.iso containers/services/vpnkit-tap-vsockd/lower/sbin/vpnkit-tap-vsockd
+rm Docker\ Desktop\ Installer.exe docker-for-wsl.iso
+mv vpnkit.exe "$USERPROFILE/wsl-vpnkit/wsl-vpnkit.exe"
+chmod +x vpnkit-tap-vsockd
+sudo chown root:root vpnkit-tap-vsockd
+sudo mv vpnkit-tap-vsockd /usr/local/sbin/vpnkit-tap-vsockd
 
-Add the following to your `.profile` or `.bashrc` to start `wsl-vpnkit` when you open your WSL terminal.
+wget https://github.com/jstarks/npiperelay/releases/download/v0.1.0/npiperelay_windows_amd64.zip
+7z e npiperelay_windows_amd64.zip npiperelay.exe
+rm npiperelay_windows_amd64.zip
+mv npiperelay.exe "$USERPROFILE/wsl-vpnkit/"
 
-```sh
-sudo service wsl-vpnkit start
+sudo ./wsl-vpnkit
 ```
 
 ## Troubleshooting
@@ -141,28 +77,9 @@ sudo service wsl-vpnkit start
 
 If VS Code takes a long time to open your folder in WSL, [enable the setting "Connect Through Localhost"](https://github.com/microsoft/vscode-docs/blob/main/remote-release-notes/v1_54.md#fix-for-wsl-2-connection-issues-when-behind-a-proxy).
 
-### Try shutting down WSL VM to reset
-
-```sh
-wsl.exe --shutdown
-```
-
-```powershell
-Stop-Process -Name wsl-vpnkit
-```
-
-### Check for the required processes
-
-```sh
-ps aux | grep wsl-vpnkit
-```
-
-* `socat ... npiperelay.exe`
-* `wsl-vpnkit.exe`
-* `vpnkit-tap-vsockd`
+### Try shutting down WSL 2 VM to reset
 
-### Run VPNKit with Debug
-
-```sh
-sudo VPNKIT_DEBUG=1 ./wsl-vpnkit
+```pwsh
+wsl --shutdown
+kill -Name wsl-vpnkit
 ```
diff --git a/distro/Dockerfile b/distro/Dockerfile
@@ -0,0 +1,32 @@
+FROM alpine:3.14.2 AS vpnkit
+WORKDIR /files
+COPY ./distro/sha256sums ./
+RUN apk add --no-cache p7zip && \
+    wget https://desktop.docker.com/win/stable/amd64/67351/Docker%20Desktop%20Installer.exe  && \
+    sha256sum -c sha256sums && \
+    7z e Docker%20Desktop%20Installer.exe resources/vpnkit.exe resources/wsl/docker-for-wsl.iso && \
+    7z e docker-for-wsl.iso containers/services/vpnkit-tap-vsockd/lower/sbin/vpnkit-tap-vsockd && \
+    chmod +x vpnkit-tap-vsockd && \
+    rm Docker%20Desktop%20Installer.exe docker-for-wsl.iso && \
+    wget https://raw.githubusercontent.com/moby/vpnkit/v0.5.0/LICENSE
+
+FROM golang:1.17.1-alpine3.14 AS npiperelay
+ENV GOOS=windows
+WORKDIR /files
+RUN go mod init local/build && \
+    go get -d -v github.com/jstarks/npiperelay@v0.1.0 && \
+    GOOS=windows go build -o ./npiperelay.exe github.com/jstarks/npiperelay && \
+    cp /go/pkg/mod/github.com/jstarks/npiperelay@v0.1.0/LICENSE ./
+
+FROM alpine:3.14.2
+ARG REF=0
+WORKDIR /app
+COPY --from=npiperelay /files /files/npiperelay
+COPY --from=vpnkit /files /files/vpnkit
+COPY ./ ./
+RUN apk add --no-cache socat openrc iptables && \
+    apk list --installed && \
+    echo "$REF" > /app/ref && \
+    ln -s /files/vpnkit/vpnkit-tap-vsockd /app/wsl-vpnkit /usr/sbin/ && \
+    ln -s /app/distro/wsl-vpnkit.service /etc/init.d/wsl-vpnkit && \
+    ln -s /app/distro/startup.sh /etc/profile.d/
diff --git a/distro/sha256sums b/distro/sha256sums
@@ -0,0 +1 @@
+8f36a5b306442d03a87bb80a492558c81902fdabe497af44a39ca07c161c60a5  Docker%20Desktop%20Installer.exe
diff --git a/distro/startup.sh b/distro/startup.sh
@@ -0,0 +1,33 @@
+#! /bin/sh
+
+LOG_PATH="/var/log/wsl-vpnkit.log"
+USERPROFILE=$(wslpath "$(/mnt/c/WINDOWS/System32/WindowsPowerShell/v1.0/powershell.exe -c '$env:USERPROFILE' | tr -d '\r')")
+
+touch $LOG_PATH
+
+echo "
+This distro is only intended to run wsl-vpnkit. 
+
+Run the following commands from Windows or other WSL 2 distros to use.
+
+    wsl.exe -d $WSL_DISTRO_NAME service wsl-vpnkit start
+    wsl.exe -d $WSL_DISTRO_NAME service wsl-vpnkit stop
+
+The following files will be copied if they do not already exist.
+
+    $USERPROFILE/wsl-vpnkit/wsl-vpnkit.exe
+    $USERPROFILE/wsl-vpnkit/npiperelay.exe
+
+Logs for wsl-vpnkit can be viewed here.
+
+    wsl.exe -d $WSL_DISTRO_NAME tail -f $LOG_PATH
+
+Config for wsl-vpnkit can be edited here. See the wsl-vpnkit script for possible values.
+
+    $USERPROFILE/wsl-vpnkit/wsl-vpnkit.conf
+    wsl.exe -d $WSL_DISTRO_NAME cat /usr/sbin/wsl-vpnkit
+
+Press [enter] key to continue...
+"
+read _
+exit 0
diff --git a/distro/test.sh b/distro/test.sh
@@ -0,0 +1,19 @@
+#! /bin/sh
+
+# run from repo root
+# ./distro/test.sh
+
+USERPROFILE="$(/mnt/c/WINDOWS/System32/WindowsPowerShell/v1.0/powershell.exe -c '$env:USERPROFILE' | tr -d '\r')"
+DUMP=wsl-vpnkit.tar.gz
+TAG_NAME=wslvpnkit
+
+docker build -t $TAG_NAME -f ./distro/Dockerfile .
+CONTAINER_ID=$(docker create $TAG_NAME)
+docker export $CONTAINER_ID | gzip > $DUMP
+docker container rm $CONTAINER_ID
+ls -la $DUMP
+
+wsl.exe --unregister wsl-vpnkit
+wsl.exe --import wsl-vpnkit "$USERPROFILE\\wsl-vpnkit" $DUMP
+rm $DUMP
+wsl.exe -d wsl-vpnkit
diff --git a/distro/wsl-vpnkit.service b/distro/wsl-vpnkit.service
diff --git a/wsl-vpnkit b/wsl-vpnkit
diff --git a/wsl-vpnkit.service b/wsl-vpnkit.service

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+8f36a5b306442d03a87bb80a492558c81902fdabe497af44a39ca07c161c60a5 Docker%20Desktop%20Installer.exe`