chore(headless-client): add a placeholder IPC server for Windows

docker-compose.yml

@@ -322,6 +322,7 @@ services:
         PACKAGE: firezone-headless-client
     # Add "standalone" to the command here once PR $4604 merges
     image: ${CLIENT_IMAGE:-us-east1-docker.pkg.dev/firezone-staging/firezone/dev/client}:${CLIENT_TAG:-main}
+    command: ["firezone-linux-client", "standalone"]
     cap_add:
       - NET_ADMIN
     sysctls:

rust/gui-client/docs/intended_behavior.md

@@ -39,7 +39,7 @@ Best performed on a clean VM
 1. Export the logs
 1. Expect the zip file to start with "firezone_logs_"
 1. Expect `zipinfo` to show a single directory in the root of the zip, to prevent zip bombing
-1. Expect two subdirectories in the zip, "connlib", and "app", each with 3 files, totalling 6 files
+1. Expect two subdirectories in the zip, "connlib", and "app", with 3 and 2 files respectively, totalling 5 files
 
 ## Settings tab
 

rust/gui-client/src-tauri/deb_files/firezone-client-ipc.service

@@ -42,7 +42,7 @@ Environment="LOG_DIR=/var/log/dev.firezone.client"
 Environment="RUST_LOG=info"
 EnvironmentFile="/etc/default/firezone-client-ipc"
 
-ExecStart=firezone-client-ipc
+ExecStart=firezone-client-ipc ipc-service
 Type=notify
 # Unfortunately we may need root to control DNS
 User=root

rust/gui-client/src-tauri/src/client/debug_commands.rs

@@ -26,7 +26,7 @@ pub fn run(cmd: Cmd) -> Result<()> {
 }
 
 fn check_for_updates() -> Result<()> {
-    client::logging::debug_command_setup()?;
+    firezone_headless_client::debug_command_setup()?;
 
     let rt = tokio::runtime::Runtime::new().unwrap();
     let version = rt.block_on(client::updates::check())?;

rust/gui-client/src-tauri/src/client/deep_link/windows.rs

@@ -32,7 +32,7 @@ impl Server {
         let mut server_options = named_pipe::ServerOptions::new();
         server_options.first_pipe_instance(true);
 
-        // This will allow non-admin clients to connect to us even if we're running as admin
+        // This will allow non-admin clients to connect to us even if we're running as admin. TODO: Remove after process separation is done
         let mut sd = WinSec::SECURITY_DESCRIPTOR::default();
         let psd = WinSec::PSECURITY_DESCRIPTOR(&mut sd as *mut _ as *mut c_void);
         // SAFETY: Unsafe needed to call Win32 API. There shouldn't be any threading
@@ -58,15 +58,13 @@ impl Server {
             bInheritHandle: false.into(),
         };
 
-        // TODO: On the IPC branch I found that this will cause prefix issues
-        // with other named pipes. Change it.
-        let path = named_pipe_path(BUNDLE_ID);
         let sa_ptr = &mut sa as *mut _ as *mut c_void;
         // SAFETY: Unsafe needed to call Win32 API. There shouldn't be any threading
         // or lifetime problems because we only pass pointers to our local vars to
         // Win32, and Win32 shouldn't save them anywhere.
-        let server = unsafe { server_options.create_with_security_attributes_raw(path, sa_ptr) }
-            .map_err(|_| super::Error::CantListen)?;
+        let server =
+            unsafe { server_options.create_with_security_attributes_raw(pipe_path(), sa_ptr) }
+                .map_err(|_| super::Error::CantListen)?;
 
         tracing::debug!("server is bound");
         Ok(Server { inner: server })
@@ -101,7 +99,7 @@ impl Server {
 
 /// Open a deep link by sending it to the already-running instance of the app
 pub async fn open(url: &url::Url) -> Result<()> {
-    let path = named_pipe_path(BUNDLE_ID);
+    let path = pipe_path();
     let mut client = named_pipe::ClientOptions::new()
         .open(path)
         .context("Couldn't connect to named pipe server")?;
@@ -112,6 +110,11 @@ pub async fn open(url: &url::Url) -> Result<()> {
     Ok(())
 }
 
+/// Named pipe for our deep links
+fn pipe_path() -> String {
+    firezone_headless_client::imp::named_pipe_path(format!("{BUNDLE_ID}.deep_link"))
+}
+
 /// Registers the current exe as the handler for our deep link scheme.
 ///
 /// This is copied almost verbatim from tauri-plugin-deep-link's `register` fn, with an improvement
@@ -147,23 +150,3 @@ fn set_registry_values(id: &str, exe: &str) -> Result<(), io::Error> {
 
     Ok(())
 }
-
-/// Returns a valid name for a Windows named pipe
-///
-/// # Arguments
-///
-/// * `id` - BUNDLE_ID, e.g. `dev.firezone.client`
-fn named_pipe_path(id: &str) -> String {
-    format!(r"\\.\pipe\{}", id)
-}
-
-#[cfg(test)]
-mod tests {
-    #[test]
-    fn named_pipe_path() {
-        assert_eq!(
-            super::named_pipe_path("dev.firezone.client"),
-            r"\\.\pipe\dev.firezone.client"
-        );
-    }
-}

rust/gui-client/src-tauri/src/client/logging.rs

@@ -42,8 +42,6 @@ pub(crate) enum Error {
     #[error("Log filter couldn't be parsed")]
     Parse(#[from] tracing_subscriber::filter::ParseError),
     #[error(transparent)]
-    SetGlobalDefault(#[from] tracing::subscriber::SetGlobalDefaultError),
-    #[error(transparent)]
     SetLogger(#[from] tracing_log::log_tracer::SetLoggerError),
 }
 
@@ -73,17 +71,6 @@ pub(crate) fn setup(log_filter: &str) -> Result<Handles> {
     })
 }
 
-/// Sets up logging for stderr only, with INFO level by default
-pub(crate) fn debug_command_setup() -> Result<(), Error> {
-    let filter = EnvFilter::builder()
-        .with_default_directive(tracing_subscriber::filter::LevelFilter::INFO.into())
-        .from_env_lossy();
-    let layer = fmt::layer().with_filter(filter);
-    let subscriber = Registry::default().with(layer);
-    set_global_default(subscriber)?;
-    Ok(())
-}
-
 #[tauri::command]
 pub(crate) async fn clear_logs() -> StdResult<(), String> {
     clear_logs_inner().await.map_err(|e| e.to_string())

rust/gui-client/src-tauri/tauri.conf.json

@@ -35,7 +35,14 @@
         "icons/icon.png"
       ],
       "publisher": "Firezone",
-      "shortDescription": "Firezone"
+      "shortDescription": "Firezone",
+      "windows": {
+        "wix": {
+          "componentRefs": ["FirezoneClientIpcService"],
+          "fragmentPaths": ["./win_files/service.wxs"],
+          "template": "./win_files/main.wxs"
+        }
+      }
     },
     "security": {
       "csp": null