From 73ed563dded392f11dfe3208b82c5c0345f0f5c7 Mon Sep 17 00:00:00 2001
From: Neil Alexander <neilalexander@users.noreply.github.com>
Date: Wed, 12 Dec 2018 20:29:56 +0000
Subject: [PATCH 1/2] Update debian package behavior

It now won't enable itself automatically on install and it will
only start Yggdrasil if enabled in systemd. It also won't break
during install on systems where systemd is not present.
---
 contrib/deb/generate.sh | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)

diff --git a/contrib/deb/generate.sh b/contrib/deb/generate.sh
index 5af31d5c..618f00f0 100644
--- a/contrib/deb/generate.sh
+++ b/contrib/deb/generate.sh
@@ -52,8 +52,11 @@ Architecture: $PKGARCH
 Replaces: $PKGREPLACES
 Conflicts: $PKGREPLACES
 Maintainer: Neil Alexander <neilalexander@users.noreply.github.com>
-Description: Debian yggdrasil package
- Binary yggdrasil package for Debian and Ubuntu
+Description: Yggdrasil Network
+ Yggdrasil is an early-stage implementation of a fully end-to-end encrypted IPv6
+ network. It is lightweight, self-arranging, supported on multiple platforms and
+ allows pretty much any IPv6-capable application to communicate securely with
+ other Yggdrasil nodes.
 EOF
 cat > /tmp/$PKGNAME/debian/copyright << EOF
 Please see https://github.com/yggdrasil-network/yggdrasil-go/
@@ -76,13 +79,22 @@ then
   echo "Normalising /etc/yggdrasil.conf"
   /usr/bin/yggdrasil -useconffile /var/backups/yggdrasil.conf.`date +%Y%m%d` -normaliseconf > /etc/yggdrasil.conf
 fi
-systemctl enable yggdrasil
-systemctl start yggdrasil
+if command -v systemctl >/dev/null; then
+  systemctl daemon-reload >/dev/null || true
+  if [ -f /etc/systemd/system/multi-user.target.wants/yggdrasil.service ]; then
+    echo "Starting Yggdrasil"
+    systemctl start yggdrasil || true
+  fi
+fi
 EOF
 cat > /tmp/$PKGNAME/debian/prerm << EOF
 #!/bin/sh
-systemctl disable yggdrasil
-systemctl stop yggdrasil
+if command -v systemctl >/dev/null; then
+  if systemctl is-active --quiet yggdrasil; then
+    echo "Stopping Yggdrasil"
+    systemctl stop yggdrasil || true
+  fi
+fi
 EOF
 
 cp yggdrasil /tmp/$PKGNAME/usr/bin/

From e1c79837527ace57a8e5e9aaef01a80e2b2ef21c Mon Sep 17 00:00:00 2001
From: Neil Alexander <neilalexander@users.noreply.github.com>
Date: Fri, 14 Dec 2018 14:25:26 +0000
Subject: [PATCH 2/2] Update debian package to fix systemd disabling (not good
 for remote systems) and add group yggdrasil for admin socket/conf

---
 contrib/deb/generate.sh           | 24 +++++++++++++++++-------
 contrib/systemd/yggdrasil.service |  3 ++-
 2 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/contrib/deb/generate.sh b/contrib/deb/generate.sh
index 618f00f0..0eb21882 100644
--- a/contrib/deb/generate.sh
+++ b/contrib/deb/generate.sh
@@ -71,29 +71,39 @@ etc/systemd/system/*.service etc/systemd/system
 EOF
 cat > /tmp/$PKGNAME/debian/postinst << EOF
 #!/bin/sh
+
+if ! getent group yggdrasil 2>&1 > /dev/null; then
+  addgroup --system --quiet yggdrasil
+fi
+
 if [ -f /etc/yggdrasil.conf ];
 then
   mkdir -p /var/backups
   echo "Backing up configuration file to /var/backups/yggdrasil.conf.`date +%Y%m%d`"
   cp /etc/yggdrasil.conf /var/backups/yggdrasil.conf.`date +%Y%m%d`
-  echo "Normalising /etc/yggdrasil.conf"
+  echo "Normalising and updating /etc/yggdrasil.conf"
   /usr/bin/yggdrasil -useconffile /var/backups/yggdrasil.conf.`date +%Y%m%d` -normaliseconf > /etc/yggdrasil.conf
-fi
-if command -v systemctl >/dev/null; then
-  systemctl daemon-reload >/dev/null || true
-  if [ -f /etc/systemd/system/multi-user.target.wants/yggdrasil.service ]; then
-    echo "Starting Yggdrasil"
+  chgrp yggdrasil /etc/yggdrasil.conf
+
+  if command -v systemctl >/dev/null; then
+    systemctl daemon-reload >/dev/null || true
+    systemctl enable yggdrasil || true
     systemctl start yggdrasil || true
   fi
+else
+  echo "Generating initial configuration file /etc/yggdrasil.conf"
+  echo "Please familiarise yourself with this file before starting Yggdrasil"
+  /usr/bin/yggdrasil -genconf > /etc/yggdrasil.conf
+  chgrp yggdrasil /etc/yggdrasil.conf
 fi
 EOF
 cat > /tmp/$PKGNAME/debian/prerm << EOF
 #!/bin/sh
 if command -v systemctl >/dev/null; then
   if systemctl is-active --quiet yggdrasil; then
-    echo "Stopping Yggdrasil"
     systemctl stop yggdrasil || true
   fi
+  systemctl disable yggdrasil || true
 fi
 EOF
 
diff --git a/contrib/systemd/yggdrasil.service b/contrib/systemd/yggdrasil.service
index 9ae4a079..1b6f1f07 100644
--- a/contrib/systemd/yggdrasil.service
+++ b/contrib/systemd/yggdrasil.service
@@ -4,6 +4,7 @@ Wants=network.target
 After=network.target
 
 [Service]
+Group=yggdrasil
 ProtectHome=true
 ProtectSystem=true
 SyslogIdentifier=yggdrasil
@@ -12,7 +13,7 @@ ExecStartPre=/bin/sh -ec "if ! test -s /etc/yggdrasil.conf; \
                 yggdrasil -genconf > /etc/yggdrasil.conf; \
                 echo 'WARNING: A new /etc/yggdrasil.conf file has been generated.'; \
             fi"
-ExecStart=/bin/sh -c "exec yggdrasil -useconf < /etc/yggdrasil.conf"
+ExecStart=/usr/bin/yggdrasil -useconffile /etc/yggdrasil.conf
 Restart=always
 
 [Install]