improve errors for missing directories (#1765)

* improve errors for missing directories Fixes #1761 Updates #1760 Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * update container docs Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * update changelog with /var changes Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> --------- Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2024-02-17 13:36:19 +01:00 · 2024-02-17 13:36:19 +01:00 · b60ee9db54
commit b60ee9db54
parent c73e8476b9
5 changed files with 51 additions and 2 deletions
--- a/hscontrol/app.go
+++ b/hscontrol/app.go
@ -11,6 +11,7 @@ import (
 	_ "net/http/pprof" //nolint
 	"os"
 	"os/signal"
+	"path/filepath"
 	"runtime"
 	"strings"
 	"sync"
@ -69,6 +70,7 @@ const (
 	AuthPrefix         = "Bearer "
 	updateInterval     = 5000
 	privateKeyFileMode = 0o600
+	headscaleDirPerm   = 0o700

 	registerCacheExpiration = time.Minute * 15
 	registerCacheCleanup    = time.Minute * 20
@ -552,6 +554,12 @@ func (h *Headscale) Serve() error {
 		return fmt.Errorf("unable to remove old socket file: %w", err)
 	}

+	socketDir := filepath.Dir(h.cfg.UnixSocket)
+	err = util.EnsureDir(socketDir)
+	if err != nil {
+		return fmt.Errorf("setting up unix socket: %w", err)
+	}
+
 	socketListener, err := net.Listen("unix", h.cfg.UnixSocket)
 	if err != nil {
 		return fmt.Errorf("failed to set up gRPC socket: %w", err)
@ -919,6 +927,12 @@ func notFoundHandler(
 }

 func readOrCreatePrivateKey(path string) (*key.MachinePrivate, error) {
+	dir := filepath.Dir(path)
+	err := util.EnsureDir(dir)
+	if err != nil {
+		return nil, fmt.Errorf("ensuring private key directory: %w", err)
+	}
+
 	privateKey, err := os.ReadFile(path)
 	if errors.Is(err, os.ErrNotExist) {
 		log.Info().Str("path", path).Msg("No private key file at path, creating...")
--- a/hscontrol/db/db.go
+++ b/hscontrol/db/db.go
@ -6,6 +6,7 @@ import (
 	"errors"
 	"fmt"
 	"net/netip"
+	"path/filepath"
 	"strconv"
 	"strings"
 	"time"
@ -344,6 +345,12 @@ func openDB(cfg types.DatabaseConfig) (*gorm.DB, error) {

 	switch cfg.Type {
 	case types.DatabaseSqlite:
+		dir := filepath.Dir(cfg.Sqlite.Path)
+		err := util.EnsureDir(dir)
+		if err != nil {
+			return nil, fmt.Errorf("creating directory for sqlite: %w", err)
+		}
+
 		db, err := gorm.Open(
 			sqlite.Open(cfg.Sqlite.Path+"?_synchronous=1&_journal_mode=WAL"),
 			&gorm.Config{
--- a/hscontrol/util/file.go
+++ b/hscontrol/util/file.go
@ -1,6 +1,8 @@
 package util

 import (
+	"errors"
+	"fmt"
 	"io/fs"
 	"os"
 	"path/filepath"
@ -42,3 +44,21 @@ func GetFileMode(key string) fs.FileMode {

 	return fs.FileMode(mode)
 }
+
+func EnsureDir(dir string) error {
+	if _, err := os.Stat(dir); os.IsNotExist(err) {
+		err := os.MkdirAll(dir, PermissionFallback)
+		if err != nil {
+			if errors.Is(err, os.ErrPermission) {
+				return fmt.Errorf(
+					"creating directory %s, failed with permission error, is it located somewhere Headscale can write?",
+					dir,
+				)
+			}
+
+			return fmt.Errorf("creating directory %s: %w", dir, err)
+		}
+	}
+
+	return nil
+}