Arch Linux AUR package

[simonbcn]

I have created an AUR package for Arch users: https://aur.archlinux.org/packages/adguardhome-bin/

[ameshkov]

Cool, thank you!

[szolin]

Should we add the link to our wiki?

[ghost]

I think it's good to mention those somewhere include #1078

[ameshkov]

@szolin yeah, it makes sense to keep track of AGH packages that we don't maintain ourselves, but which can be helpful to the users.

Let's add both this and this to Wiki.

[simonbcn]

I have problems with .service file and dedicated user to run this application.
The current package in AUR works but it runs as root and I don't want that. I want it to run with a dedicated user but the program itself prevents that.
I consulted this thread to build the service file.
My systemd service file:

[Unit]
Description=AdGuard Home: Network-level blocker
ConditionFileIsExecutable=/var/lib/adguardhome/AdGuardHome
After=syslog.target network-online.target

[Service]
Type=simple
User=adguardhome
Group=adguardhome
StartLimitInterval=5
StartLimitBurst=10
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
PermissionsStartOnly=true

ExecStart=/var/lib/adguardhome/AdGuardHome -s run -w /var/lib/adguardhome -l syslog
WorkingDirectory=/var/lib/adguardhome 
EnvironmentFile=-/etc/conf.d/adguardhome

Restart=on-failure
RestartSec=5

KillMode=process
ProtectSystem=full
ProtectHome=read-only
PrivateTmp=true
PrivateDevices=true
NoNewPrivileges=true

[Install]
WantedBy=multi-user.target

But when I start the service, AdGuardHome says [error] This is the first launch of AdGuard Home. You must run it as root.:

-- Logs begin at Thu 2019-10-03 09:55:05 CEST, end at Tue 2020-01-21 13:30:11 CET. --
ene 21 13:25:21 juan-pc audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=adguardhome comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
ene 21 13:25:21 juan-pc audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=adguardhome comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
ene 21 13:25:21 juan-pc kernel: audit: type=1130 audit(1579609521.110:491): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=adguardhome comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
ene 21 13:25:21 juan-pc kernel: audit: type=1131 audit(1579609521.110:492): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=adguardhome comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
ene 21 13:25:21 juan-pc systemd[1]: Started AdGuard Home: Network-level blocker.
-- Subject: A start job for unit adguardhome.service has finished successfully
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- A start job for unit adguardhome.service has finished successfully.
-- 
-- The job identifier is 5680.
ene 21 13:25:21 juan-pc audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=adguardhome comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
ene 21 13:25:21 juan-pc kernel: audit: type=1130 audit(1579609521.113:493): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=adguardhome comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
ene 21 13:25:21 juan-pc AdGuardHome[100463]: 2020/01/21 13:25:21 [error] Couldn't read config file /var/lib/adguardhome/AdGuardHome.yaml: open /var/lib/adguardhome/AdGuardHome.yaml: no such file or directory
ene 21 13:25:21 juan-pc AdGuardHome[100463]: 2020/01/21 13:25:21 [info] AdGuard Home, version v0.100.9, channel release
ene 21 13:25:21 juan-pc AdGuardHome[100463]: 2020/01/21 13:25:21 [error] This is the first launch of AdGuard Home. You must run it as root.
ene 21 13:25:21 juan-pc AdGuardHome[100463]: Do you want to start AdGuard Home as root user? [y/n]
ene 21 13:25:21 juan-pc systemd[1]: adguardhome.service: Main process exited, code=exited, status=1/FAILURE
-- Subject: Unit process exited
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- An ExecStart= process belonging to unit adguardhome.service has exited.
-- 
-- The process' exit code is 'exited' and its exit status is 1.
....

[ghost]

#723 #720 (comment)

[ameshkov]

The only solution at the moment would be to include a pre-configured AdGuardHome.yaml and let the user perform the initial setup (choose interfaces, ports, admin username/pass) during the package installation.

Also, please upvote #723 if you want us to implement it sooner.

[szolin]

This check is performed only on initial start, because by default we try to listen on 53 and 80 ports. Once you have a configuration file - you can run AGH under any user.

[simonbcn]

Due to the problems to running this application in a safe environment with a dedicated user (different from root). I'm going to delete this AUR package. When the #723 is resolved, I will recreate it.