From 1a012321239b2b87b381aaee6e6d3c154a45414c Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Thu, 20 Mar 2025 19:02:11 -0400 Subject: [PATCH 01/22] add zrok agent service unit --- .github/workflows/promote-downstreams.yml | 1 + .github/workflows/release.yml | 4 +- .goreleaser-linux-amd64.yml | 53 +++++++++++++++++++++++ .goreleaser-linux-arm64.yml | 53 +++++++++++++++++++++++ .goreleaser-linux-armel.yml | 53 +++++++++++++++++++++++ .goreleaser-linux-armhf.yml | 53 +++++++++++++++++++++++ nfpm/zrok-agent.service | 18 ++++++++ nfpm/zrok-share@.service | 2 +- 8 files changed, 234 insertions(+), 3 deletions(-) create mode 100644 nfpm/zrok-agent.service diff --git a/.github/workflows/promote-downstreams.yml b/.github/workflows/promote-downstreams.yml index 6e46c3df..66b07ca0 100644 --- a/.github/workflows/promote-downstreams.yml +++ b/.github/workflows/promote-downstreams.yml @@ -63,6 +63,7 @@ jobs: package_name: - zrok - zrok-share + - zrok-agent arch: - deb: amd64 rpm: x86_64 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 097edc32..b3c6a01c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -103,7 +103,7 @@ jobs: else SEMVER_PRE=${SEMVER#*-} fi - for PAX in zrok{,-share}; do + for PAX in zrok{,-share,-agent}; do _pattern="./dist/${PAX}-${SEMVER_CORE}${SEMVER_PRE:+~${SEMVER_PRE}}*.${ARCH}.rpm" if ! compgen -G "$_pattern" > /dev/null; then echo "ERROR: No RPM files found matching pattern '${_pattern}'" >&2 @@ -139,7 +139,7 @@ jobs: else SEMVER_PRE=${SEMVER#*-} fi - for PAX in zrok{,-share}; do + for PAX in zrok{,-share,-agent}; do _pattern="./dist/${PAX}_${SEMVER_CORE}${SEMVER_PRE:+~${SEMVER_PRE}}*_${ARCH}.deb" if ! compgen -G "$_pattern" > /dev/null; then echo "ERROR: No DEB files found matching pattern '${_pattern}'" >&2 diff --git a/.goreleaser-linux-amd64.yml b/.goreleaser-linux-amd64.yml index 9c3766d0..40695482 100644 --- a/.goreleaser-linux-amd64.yml +++ b/.goreleaser-linux-amd64.yml @@ -137,3 +137,56 @@ nfpms: - dst: /opt/openziti/etc/zrok/ src: ./etc/caddy/multiple_upstream.Caddyfile type: config|noreplace + + - package_name: zrok-agent + id: zrok-agent + vendor: NetFoundry + homepage: https://zrok.io/ + maintainer: support@zrok.io + description: | + This package provides zrok-agent.service. Enable your zrok account on this device with "zrok enable". Run + "systemctl enable --user --now zrok-agent.service" to enable the service for the current user and visit the agent + UI by running "zrok agent console". + license: Apache 2.0 + + # do not bundle the built binaries, only supporting files + meta: true + + # Formats to be generated. + formats: + - deb + - rpm + + # {{ .ConventionalFileName }} satisfies the RPM name convention. + file_name_template: "{{ .ConventionalFileName }}" + + # Umask to be used on files without explicit mode set. (overridable) + umask: 0o002 + + # Package version within this release version. + release: 1 + + # Section. + section: default + + # Priority. + priority: optional + + # GoReleaser will automatically add the binaries here + dependencies: + - zrok + + # this allows users to satisfy the requirement for jq another way, not with the package manager, e.g. + # apt install --no-recommends zrok-share + recommends: [] + + overrides: + # yum and dnf do not automatically install "weak deps" aka "recommends", so we need to add them as a dependency + rpm: + dependencies: + - zrok + + # Contents to add to the package. + contents: + - dst: /usr/lib/systemd/user/ + src: ./nfpm/zrok-agent.service diff --git a/.goreleaser-linux-arm64.yml b/.goreleaser-linux-arm64.yml index e4c5454f..bc357c61 100644 --- a/.goreleaser-linux-arm64.yml +++ b/.goreleaser-linux-arm64.yml @@ -141,3 +141,56 @@ nfpms: - dst: /opt/openziti/etc/zrok/ src: ./etc/caddy/multiple_upstream.Caddyfile type: config|noreplace + + - package_name: zrok-agent + id: zrok-agent + vendor: NetFoundry + homepage: https://zrok.io/ + maintainer: support@zrok.io + description: | + This package provides zrok-agent.service. Enable your zrok account on this device with "zrok enable". Run + "systemctl enable --user --now zrok-agent.service" to enable the service for the current user and visit the agent + UI by running "zrok agent console". + license: Apache 2.0 + + # do not bundle the built binaries, only supporting files + meta: true + + # Formats to be generated. + formats: + - deb + - rpm + + # {{ .ConventionalFileName }} satisfies the RPM name convention. + file_name_template: "{{ .ConventionalFileName }}" + + # Umask to be used on files without explicit mode set. (overridable) + umask: 0o002 + + # Package version within this release version. + release: 1 + + # Section. + section: default + + # Priority. + priority: optional + + # GoReleaser will automatically add the binaries here + dependencies: + - zrok + + # this allows users to satisfy the requirement for jq another way, not with the package manager, e.g. + # apt install --no-recommends zrok-share + recommends: [] + + overrides: + # yum and dnf do not automatically install "weak deps" aka "recommends", so we need to add them as a dependency + rpm: + dependencies: + - zrok + + # Contents to add to the package. + contents: + - dst: /usr/lib/systemd/user/ + src: ./nfpm/zrok-agent.service diff --git a/.goreleaser-linux-armel.yml b/.goreleaser-linux-armel.yml index 86526dec..f4433553 100644 --- a/.goreleaser-linux-armel.yml +++ b/.goreleaser-linux-armel.yml @@ -145,3 +145,56 @@ nfpms: - dst: /opt/openziti/etc/zrok/ src: ./etc/caddy/multiple_upstream.Caddyfile type: config|noreplace + + - package_name: zrok-agent + id: zrok-agent + vendor: NetFoundry + homepage: https://zrok.io/ + maintainer: support@zrok.io + description: | + This package provides zrok-agent.service. Enable your zrok account on this device with "zrok enable". Run + "systemctl enable --user --now zrok-agent.service" to enable the service for the current user and visit the agent + UI by running "zrok agent console". + license: Apache 2.0 + + # do not bundle the built binaries, only supporting files + meta: true + + # Formats to be generated. + formats: + - deb + - rpm + + # {{ .ConventionalFileName }} satisfies the RPM name convention. + file_name_template: "{{ .ConventionalFileName }}" + + # Umask to be used on files without explicit mode set. (overridable) + umask: 0o002 + + # Package version within this release version. + release: 1 + + # Section. + section: default + + # Priority. + priority: optional + + # GoReleaser will automatically add the binaries here + dependencies: + - zrok + + # this allows users to satisfy the requirement for jq another way, not with the package manager, e.g. + # apt install --no-recommends zrok-share + recommends: [] + + overrides: + # yum and dnf do not automatically install "weak deps" aka "recommends", so we need to add them as a dependency + rpm: + dependencies: + - zrok + + # Contents to add to the package. + contents: + - dst: /usr/lib/systemd/user/ + src: ./nfpm/zrok-agent.service diff --git a/.goreleaser-linux-armhf.yml b/.goreleaser-linux-armhf.yml index 67518309..fd76de1f 100644 --- a/.goreleaser-linux-armhf.yml +++ b/.goreleaser-linux-armhf.yml @@ -143,3 +143,56 @@ nfpms: - dst: /opt/openziti/etc/zrok/ src: ./etc/caddy/multiple_upstream.Caddyfile type: config|noreplace + + - package_name: zrok-agent + id: zrok-agent + vendor: NetFoundry + homepage: https://zrok.io/ + maintainer: support@zrok.io + description: | + This package provides zrok-agent.service. Enable your zrok account on this device with "zrok enable". Run + "systemctl enable --user --now zrok-agent.service" to enable the service for the current user and visit the agent + UI by running "zrok agent console". + license: Apache 2.0 + + # do not bundle the built binaries, only supporting files + meta: true + + # Formats to be generated. + formats: + - deb + - rpm + + # {{ .ConventionalFileName }} satisfies the RPM name convention. + file_name_template: "{{ .ConventionalFileName }}" + + # Umask to be used on files without explicit mode set. (overridable) + umask: 0o002 + + # Package version within this release version. + release: 1 + + # Section. + section: default + + # Priority. + priority: optional + + # GoReleaser will automatically add the binaries here + dependencies: + - zrok + + # this allows users to satisfy the requirement for jq another way, not with the package manager, e.g. + # apt install --no-recommends zrok-share + recommends: [] + + overrides: + # yum and dnf do not automatically install "weak deps" aka "recommends", so we need to add them as a dependency + rpm: + dependencies: + - zrok + + # Contents to add to the package. + contents: + - dst: /usr/lib/systemd/user/ + src: ./nfpm/zrok-agent.service diff --git a/nfpm/zrok-agent.service b/nfpm/zrok-agent.service new file mode 100644 index 00000000..8d760568 --- /dev/null +++ b/nfpm/zrok-agent.service @@ -0,0 +1,18 @@ +# /usr/lib/systemd/user/zrok-agent.service + +[Unit] +Description=zrok agent user service unit +After=network-online.target + +[Service] +Type=simple +UMask=0007 +ExecStart=/opt/openziti/bin/zrok agent start +Restart=always +RestartSec=3 +#StandardInput=null +#StandardOutput=journal +#StandardError=journal + +[Install] +WantedBy=default.target diff --git a/nfpm/zrok-share@.service b/nfpm/zrok-share@.service index ad242bf6..1ccf3356 100644 --- a/nfpm/zrok-share@.service +++ b/nfpm/zrok-share@.service @@ -14,4 +14,4 @@ Restart=always RestartSec=3 [Install] -WantedBy=multi-user.target +WantedBy=default.target From b57c51ec890725616aed5de60548000740f5b6dc Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Thu, 20 Mar 2025 21:40:00 -0400 Subject: [PATCH 02/22] document the linux agent service --- docs/guides/_linux-share-install.mdx | 8 +- docs/guides/agent.mdx | 87 ++++++++++++++++++++ docs/guides/linux-agent-service.mdx | 42 ++++++++++ docs/guides/linux-user-share/_category_.json | 8 -- docs/guides/linux-user-share/index.mdx | 44 ---------- 5 files changed, 133 insertions(+), 56 deletions(-) create mode 100644 docs/guides/agent.mdx create mode 100644 docs/guides/linux-agent-service.mdx delete mode 100644 docs/guides/linux-user-share/_category_.json delete mode 100644 docs/guides/linux-user-share/index.mdx diff --git a/docs/guides/_linux-share-install.mdx b/docs/guides/_linux-share-install.mdx index acea45b2..088dc04e 100644 --- a/docs/guides/_linux-share-install.mdx +++ b/docs/guides/_linux-share-install.mdx @@ -3,15 +3,15 @@ ```bash curl -sSLf https://get.openziti.io/install.bash \ - | sudo bash -s zrok-share + | sudo bash -s zrok-agent ``` -1. If you set up the repository by following the guide, then also install the `zrok-share` package. This package provides the systemd service. +1. If you set up the repository by following the guide, then also install the `zrok-agent` package. This package provides the systemd service. ```bash title="Ubuntu, Debian" - sudo apt install zrok-share + sudo apt install zrok-agent ``` ```bash title="Fedora, Rocky" - sudo dnf install zrok-share + sudo dnf install zrok-agent ``` diff --git a/docs/guides/agent.mdx b/docs/guides/agent.mdx new file mode 100644 index 00000000..4baf6a4a --- /dev/null +++ b/docs/guides/agent.mdx @@ -0,0 +1,87 @@ +--- +title: Agent +sidebar_position: 20 +--- + +The zrok agent centralizes management of your public and private zrok shares and private frontends for accessing [private shares](/concepts/sharing-private.mdx). It provides a web-based console interface and changes how the `zrok share` and `zrok access` commands behave. + +## Tutorial + +Run the agent in the foreground. + +```bash +zrok agent +``` + +In another terminal, open the console. + +```bash +zrok agent console +``` + +You should see the agent UI in your default web browser. + +Start sharing a public share with the agent. + +```bash +zrok share public 8080 +``` + +```buttonless title="Output" +token:"zje5x8p0k9pi" frontendEndpoints:"https://zje5x8p0k9pi.share.zrok.io" +``` + +You will see the new public share in the agent UI and you can access it at the public share URL. + +Reserve a private share for the agent to share. + +```bash +zrok reserve private 8080 --closed --unique-name "myshare" +``` +```buttonless title="Output" +[ 1.883] INFO main.(*reserveCommand).run: your reserved share token is 'myshare' +``` + +Start sharing the reserved share with the agent. + +```bash +zrok share reserved "myshare" +``` +```buttonless title="Output" +[ 0.001] INFO main.(*shareReservedCommand).shareAgent: starting +token:"myshare" backendMode:"proxy" shareMode:"private" target:"http://127.0.0.1:8080" +``` + +You will see the new reserved share in the agent UI and you can access it by running `zrok access "myshare"` on another device where you have enabled the same zrok account, since the share was reserved with closed permission mode. + +### Running the Agent in the background + +On Linux, you can [install the Linux package `zrok-agent`](/guides/linux-agent-service.mdx) to keep the agent running in the background after each reboot. + +## How the Agent Works + +### Centralized Management + +Without the agent running, each time you execute a `zrok share` or `zrok access` command, a separate process is created to handle that specific share or access. + +When the agent is running: + +- All shares and accesses are managed by a single agent process +- The agent provides a web UI for monitoring and managing your shares and accesses +- New `zrok share` and `zrok access` commands delegate their operations to the running agent +- You can stop and restart individual shares/accesses without terminating the agent + +### Agent Console + +The agent provides a web-based console interface that can be accessed with: + +```bash +zrok agent console +``` + +This command opens your default web browser to the agent's UI, where you can: + +- View the status of all your active shares and accesses +- Create new shares and accesses using simple UI widgets +- Stop or restart existing shares and accesses +- Monitor traffic and connection statistics diff --git a/docs/guides/linux-agent-service.mdx b/docs/guides/linux-agent-service.mdx new file mode 100644 index 00000000..fe728be1 --- /dev/null +++ b/docs/guides/linux-agent-service.mdx @@ -0,0 +1,42 @@ +--- +title: Linux Agent Service +sidebar_position: 40 +--- + +import LinuxShareInstall from '/../docs/guides/_linux-share-install.mdx' + +## Overview + +Run the zrok agent as a `systemd --user` service under your Linux user account. + +## Install the Package + +The package provides the `zrok` executable and the `zrok-agent.service` unit. + + + +## Enable your Account + +This creates a `~/.zrok` directory enabled for your zrok account. + +```bash +zrok enable +``` + +## Start the Service + +```bash +systemctl --user enable --now zrok-agent.service +``` + +## Use the agent + +Learn more about using the zrok agent in the [agent guide](/guides/agent.mdx). + +## Troubleshooting + +### Check the User Service Log + +```bash +journalctl --user -lfu zrok-agent.service +``` diff --git a/docs/guides/linux-user-share/_category_.json b/docs/guides/linux-user-share/_category_.json deleted file mode 100644 index 16892730..00000000 --- a/docs/guides/linux-user-share/_category_.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "label": "Linux User Share", - "position": 40, - "link": { - "type": "doc", - "id": "guides/linux-user-share/index" - } -} diff --git a/docs/guides/linux-user-share/index.mdx b/docs/guides/linux-user-share/index.mdx deleted file mode 100644 index 6b9679e2..00000000 --- a/docs/guides/linux-user-share/index.mdx +++ /dev/null @@ -1,44 +0,0 @@ ---- -title: Linux User Share ---- - -import LinuxShareInstall from '/../docs/guides/_linux-share-install.mdx' - -## Overview - -You can run any number of zrok share services as `systemd --user` units with your Linux user's zrok environment in `~/.zrok`. This is like [zrok frontdoor](/guides/frontdoor.mdx) except that frontdoor is a system service managed by root separately from your user's login. Linux user shares, Linux system services, and Docker shares all use the same configuration environment variables. - -## Install the Linux Package - -The package provides the `zrok` executable and service unit template. - - - -## Create a User Share Configuration File - -Substitute a name for your instance in place of `my-instance` in the following example. To avoid character escaping problems, use only letters, numbers, hyphens, and underscores in the instance name, not spaces or other special characters. - -```bash -ZROK_INSTANCE="my-instance" -cp /opt/openziti/etc/zrok/zrok-share.env ~/.zrok/zrok-share@${ZROK_INSTANCE}.env -``` - -## Edit the User Share Configuration File - -Edit the configuration file in `~/.zrok/zrok-share@${ZROK_INSTANCE}.env` as you would for [zrok frontdoor](/guides/frontdoor.mdx), except ignore the first section "ZROK ENVIRONMENT" because user shares re-use `~/.zrok` and do not need a separate zrok environment. - -## Start the User Share Service - -```bash -systemctl --user enable --now zrok-share@${ZROK_INSTANCE}.service -``` - -## Check the User Share Journal - -```bash -journalctl --user -lfu zrok-share@${ZROK_INSTANCE}.service -``` - -## Add Another User Share - -To create another user share, choose another instance name, copy the `zrok-share.env` file, edit the configuration file, and start the service. From 485f60e552a76b0ec78b40de87119866c398328a Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Thu, 20 Mar 2025 21:40:09 -0400 Subject: [PATCH 03/22] announce the agent package --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3b2bbf9e..c93813e7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # CHANGELOG +## v1.0.1 + +FEATURE: zrok-agent Linux package runs the agent as a user service (https://github.com/openziti/zrok/issues/883) + ## v1.0.0 MAJOR RELEASE: zrok reaches version 1.0.0! From 93bfb868cfaebdb0f336c5ad48427dfe6b6c4bf1 Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Thu, 20 Mar 2025 21:50:18 -0400 Subject: [PATCH 04/22] keep using zrok-share for frontdoor and zrok-agent for the user service --- docs/guides/_linux-agent-install.mdx | 17 +++++++++++++++++ docs/guides/_linux-share-install.mdx | 8 ++++---- docs/guides/linux-agent-service.mdx | 4 ++-- 3 files changed, 23 insertions(+), 6 deletions(-) create mode 100644 docs/guides/_linux-agent-install.mdx diff --git a/docs/guides/_linux-agent-install.mdx b/docs/guides/_linux-agent-install.mdx new file mode 100644 index 00000000..088dc04e --- /dev/null +++ b/docs/guides/_linux-agent-install.mdx @@ -0,0 +1,17 @@ + +1. Set up `zrok`'s Linux package repository by following [the Linux install guide](/guides/install/linux.mdx#install-zrok-from-the-repository), or run this one-liner to complete the repo setup and install packages. + + ```bash + curl -sSLf https://get.openziti.io/install.bash \ + | sudo bash -s zrok-agent + ``` + +1. If you set up the repository by following the guide, then also install the `zrok-agent` package. This package provides the systemd service. + + ```bash title="Ubuntu, Debian" + sudo apt install zrok-agent + ``` + + ```bash title="Fedora, Rocky" + sudo dnf install zrok-agent + ``` diff --git a/docs/guides/_linux-share-install.mdx b/docs/guides/_linux-share-install.mdx index 088dc04e..acea45b2 100644 --- a/docs/guides/_linux-share-install.mdx +++ b/docs/guides/_linux-share-install.mdx @@ -3,15 +3,15 @@ ```bash curl -sSLf https://get.openziti.io/install.bash \ - | sudo bash -s zrok-agent + | sudo bash -s zrok-share ``` -1. If you set up the repository by following the guide, then also install the `zrok-agent` package. This package provides the systemd service. +1. If you set up the repository by following the guide, then also install the `zrok-share` package. This package provides the systemd service. ```bash title="Ubuntu, Debian" - sudo apt install zrok-agent + sudo apt install zrok-share ``` ```bash title="Fedora, Rocky" - sudo dnf install zrok-agent + sudo dnf install zrok-share ``` diff --git a/docs/guides/linux-agent-service.mdx b/docs/guides/linux-agent-service.mdx index fe728be1..cea33115 100644 --- a/docs/guides/linux-agent-service.mdx +++ b/docs/guides/linux-agent-service.mdx @@ -3,7 +3,7 @@ title: Linux Agent Service sidebar_position: 40 --- -import LinuxShareInstall from '/../docs/guides/_linux-share-install.mdx' +import LinuxAgentInstall from '/../docs/guides/_linux-agent-install.mdx' ## Overview @@ -13,7 +13,7 @@ Run the zrok agent as a `systemd --user` service under your Linux user account. The package provides the `zrok` executable and the `zrok-agent.service` unit. - + ## Enable your Account From 9d1fdf3f52d3d5686281300f99542aa6a2791fce Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Thu, 20 Mar 2025 21:57:07 -0400 Subject: [PATCH 05/22] prune directives --- nfpm/zrok-agent.service | 3 --- 1 file changed, 3 deletions(-) diff --git a/nfpm/zrok-agent.service b/nfpm/zrok-agent.service index 8d760568..1bc1f78b 100644 --- a/nfpm/zrok-agent.service +++ b/nfpm/zrok-agent.service @@ -10,9 +10,6 @@ UMask=0007 ExecStart=/opt/openziti/bin/zrok agent start Restart=always RestartSec=3 -#StandardInput=null -#StandardOutput=journal -#StandardError=journal [Install] WantedBy=default.target From 6215d88fc17562f31c16814b9b706700e88498ee Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Thu, 20 Mar 2025 22:00:14 -0400 Subject: [PATCH 06/22] deprecate nfpms.builds --- .goreleaser-linux-amd64.yml | 2 +- .goreleaser-linux-arm64.yml | 2 +- .goreleaser-linux-armel.yml | 2 +- .goreleaser-linux-armhf.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.goreleaser-linux-amd64.yml b/.goreleaser-linux-amd64.yml index 40695482..e93c58c9 100644 --- a/.goreleaser-linux-amd64.yml +++ b/.goreleaser-linux-amd64.yml @@ -23,7 +23,7 @@ nfpms: license: Apache 2.0 # Build IDs for the builds you want to create NFPM packages for. - builds: + ids: - zrok-amd64 # Formats to be generated. diff --git a/.goreleaser-linux-arm64.yml b/.goreleaser-linux-arm64.yml index bc357c61..d58955f8 100644 --- a/.goreleaser-linux-arm64.yml +++ b/.goreleaser-linux-arm64.yml @@ -27,7 +27,7 @@ nfpms: license: Apache 2.0 # Build IDs for the builds you want to create NFPM packages for. - builds: + ids: - zrok-armv8 # Formats to be generated. diff --git a/.goreleaser-linux-armel.yml b/.goreleaser-linux-armel.yml index f4433553..52ea8fb8 100644 --- a/.goreleaser-linux-armel.yml +++ b/.goreleaser-linux-armel.yml @@ -31,7 +31,7 @@ nfpms: license: Apache 2.0 # Build IDs for the builds you want to create NFPM packages for. - builds: + ids: - zrok-armel # Formats to be generated. diff --git a/.goreleaser-linux-armhf.yml b/.goreleaser-linux-armhf.yml index fd76de1f..4f71e078 100644 --- a/.goreleaser-linux-armhf.yml +++ b/.goreleaser-linux-armhf.yml @@ -29,7 +29,7 @@ nfpms: license: Apache 2.0 # Build IDs for the builds you want to create NFPM packages for. - builds: + ids: - zrok-armhf # Formats to be generated. From 004edab40457f95cc8afc33bdfee468d7ac5cd49 Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Thu, 20 Mar 2025 22:09:07 -0400 Subject: [PATCH 07/22] mention the agent does not remember shares/accesses following a restart --- docs/guides/agent.mdx | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/guides/agent.mdx b/docs/guides/agent.mdx index 4baf6a4a..9405aec7 100644 --- a/docs/guides/agent.mdx +++ b/docs/guides/agent.mdx @@ -70,6 +70,7 @@ When the agent is running: - The agent provides a web UI for monitoring and managing your shares and accesses - New `zrok share` and `zrok access` commands delegate their operations to the running agent - You can stop and restart individual shares/accesses without terminating the agent +- If you restart the agent it will forget about all shares and accesses that were started while it was running ### Agent Console From f5053ecf4e9410df277fb6d774a01b1e7256de4d Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Thu, 20 Mar 2025 22:12:24 -0400 Subject: [PATCH 08/22] link the amnesia warning to the solving issue --- docs/guides/agent.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/guides/agent.mdx b/docs/guides/agent.mdx index 9405aec7..8e535ebd 100644 --- a/docs/guides/agent.mdx +++ b/docs/guides/agent.mdx @@ -70,7 +70,7 @@ When the agent is running: - The agent provides a web UI for monitoring and managing your shares and accesses - New `zrok share` and `zrok access` commands delegate their operations to the running agent - You can stop and restart individual shares/accesses without terminating the agent -- If you restart the agent it will forget about all shares and accesses that were started while it was running +- If you restart the agent it will forget about all shares and accesses that were started while it was running ([link to GitHub issue](https://github.com/openziti/zrok/issues/922)) ### Agent Console From e0e546365ecb70b40b23101e30e78bced524f6c0 Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Wed, 26 Mar 2025 14:28:49 -0400 Subject: [PATCH 09/22] rebase linux agent on windows agent --- docs/guides/agent/_category_.json | 3 ++- docs/guides/{agent.mdx => agent/index.mdx} | 0 .../{linux-agent-service.mdx => agent/linux-service.mdx} | 0 docs/guides/agent/windows-service/index.mdx | 1 + 4 files changed, 3 insertions(+), 1 deletion(-) rename docs/guides/{agent.mdx => agent/index.mdx} (100%) rename docs/guides/{linux-agent-service.mdx => agent/linux-service.mdx} (100%) diff --git a/docs/guides/agent/_category_.json b/docs/guides/agent/_category_.json index 1800c217..0b0babcd 100644 --- a/docs/guides/agent/_category_.json +++ b/docs/guides/agent/_category_.json @@ -2,6 +2,7 @@ "label": "The zrok Agent", "position": 15, "link": { - "type": "generated-index" + "type": "doc", + "id": "guides/agent/index" } } diff --git a/docs/guides/agent.mdx b/docs/guides/agent/index.mdx similarity index 100% rename from docs/guides/agent.mdx rename to docs/guides/agent/index.mdx diff --git a/docs/guides/linux-agent-service.mdx b/docs/guides/agent/linux-service.mdx similarity index 100% rename from docs/guides/linux-agent-service.mdx rename to docs/guides/agent/linux-service.mdx diff --git a/docs/guides/agent/windows-service/index.mdx b/docs/guides/agent/windows-service/index.mdx index e1a6ee03..6a02fcd2 100644 --- a/docs/guides/agent/windows-service/index.mdx +++ b/docs/guides/agent/windows-service/index.mdx @@ -1,5 +1,6 @@ --- title: Configuring a Windows Service +sidebar_label: Windows Agent Service --- In Windows environments, it can be useful to run the zrok Agent as a service, allowing it to automatically restart with your system. From c6ea32ee6c19c99a610b5f5bab5178a974ab8749 Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Wed, 26 Mar 2025 14:35:34 -0400 Subject: [PATCH 10/22] fix links --- docs/guides/agent/index.mdx | 2 +- docs/guides/agent/linux-service.mdx | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/guides/agent/index.mdx b/docs/guides/agent/index.mdx index 8e535ebd..62b34a47 100644 --- a/docs/guides/agent/index.mdx +++ b/docs/guides/agent/index.mdx @@ -56,7 +56,7 @@ You will see the new reserved share in the agent UI and you can access it by run ### Running the Agent in the background -On Linux, you can [install the Linux package `zrok-agent`](/guides/linux-agent-service.mdx) to keep the agent running in the background after each reboot. +On Linux, you can [install the Linux package `zrok-agent`](/guides/agent/linux-service.mdx) to keep the agent running in the background after each reboot. ## How the Agent Works diff --git a/docs/guides/agent/linux-service.mdx b/docs/guides/agent/linux-service.mdx index cea33115..b6cffe67 100644 --- a/docs/guides/agent/linux-service.mdx +++ b/docs/guides/agent/linux-service.mdx @@ -31,7 +31,7 @@ systemctl --user enable --now zrok-agent.service ## Use the agent -Learn more about using the zrok agent in the [agent guide](/guides/agent.mdx). +Learn more about using the zrok agent in the [agent guide](/guides/agent/index.mdx). ## Troubleshooting From 94aa4fc2b142c808203a10dac932bb3a02b94f16 Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Tue, 1 Apr 2025 10:18:37 -0400 Subject: [PATCH 11/22] always prune the agent socket when starting the agent user service --- nfpm/zrok-agent.service | 1 + 1 file changed, 1 insertion(+) diff --git a/nfpm/zrok-agent.service b/nfpm/zrok-agent.service index 1bc1f78b..aa80488a 100644 --- a/nfpm/zrok-agent.service +++ b/nfpm/zrok-agent.service @@ -7,6 +7,7 @@ After=network-online.target [Service] Type=simple UMask=0007 +ExecStartPre=/usr/bin/env rm %h/.zrok/agent.socket ExecStart=/opt/openziti/bin/zrok agent start Restart=always RestartSec=3 From d1f67d4f09c49d8a355b3ad8328893b14fe28ffa Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Tue, 1 Apr 2025 10:55:44 -0400 Subject: [PATCH 12/22] allow rm unlink command to succeed if socket doesn't exist --- nfpm/zrok-agent.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nfpm/zrok-agent.service b/nfpm/zrok-agent.service index aa80488a..71ac298c 100644 --- a/nfpm/zrok-agent.service +++ b/nfpm/zrok-agent.service @@ -7,7 +7,7 @@ After=network-online.target [Service] Type=simple UMask=0007 -ExecStartPre=/usr/bin/env rm %h/.zrok/agent.socket +ExecStartPre=/usr/bin/env rm --force %h/.zrok/agent.socket ExecStart=/opt/openziti/bin/zrok agent start Restart=always RestartSec=3 From 37321df18e49fdd13a9e47ed87ad7c914f31056d Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Tue, 1 Apr 2025 11:33:25 -0400 Subject: [PATCH 13/22] include agent status hint and link to windows service setup --- docs/guides/agent/index.mdx | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/docs/guides/agent/index.mdx b/docs/guides/agent/index.mdx index 62b34a47..4a904132 100644 --- a/docs/guides/agent/index.mdx +++ b/docs/guides/agent/index.mdx @@ -3,7 +3,7 @@ title: Agent sidebar_position: 20 --- -The zrok agent centralizes management of your public and private zrok shares and private frontends for accessing [private shares](/concepts/sharing-private.mdx). It provides a web-based console interface and changes how the `zrok share` and `zrok access` commands behave. +The zrok Agent centralizes management of your zrok shares and accesses. It provides a web-based console interface and changes how the `zrok share` and `zrok access` commands behave. ## Tutorial @@ -38,6 +38,7 @@ Reserve a private share for the agent to share. ```bash zrok reserve private 8080 --closed --unique-name "myshare" ``` + ```buttonless title="Output" [ 1.883] INFO main.(*reserveCommand).run: your reserved share token is 'myshare' ``` @@ -47,6 +48,7 @@ Start sharing the reserved share with the agent. ```bash zrok share reserved "myshare" ``` + ```buttonless title="Output" [ 0.001] INFO main.(*shareReservedCommand).shareAgent: starting token:"myshare" backendMode:"proxy" shareMode:"private" target:"http://127.0.0.1:8080" @@ -54,9 +56,27 @@ token:"myshare" backendMode:"proxy" shareMode:"private" target:"http://127.0.0.1 You will see the new reserved share in the agent UI and you can access it by running `zrok access "myshare"` on another device where you have enabled the same zrok account, since the share was reserved with closed permission mode. +Check the status of the agent's shares and accesses. + +```bash +zrok agent status +``` + +```buttonless title="Output" + FRONTEND TOKEN TOKEN BIND ADDRESS +0 accesses in agent + + TOKEN RESERVED SHARE MODE BACKEND MODE TARGET + myshare true private tcpTunnel 127.0.0.1:8080 +1 share in agent +``` + ### Running the Agent in the background -On Linux, you can [install the Linux package `zrok-agent`](/guides/agent/linux-service.mdx) to keep the agent running in the background after each reboot. +You can keep the agent running reliably in the background by installing the agent service in Windows or Linux. + +- Windows - [set up the Windows system service](/guides/agent/windows-service/index.mdx) +- Linux - [install the Linux package `zrok-agent`](/guides/agent/linux-service.mdx) ## How the Agent Works From 4ac6063fbc530e2f5a7a1116b1e4900d90495276 Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Tue, 1 Apr 2025 11:37:25 -0400 Subject: [PATCH 14/22] enhance the intro statement about the agent --- docs/guides/agent/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/guides/agent/index.mdx b/docs/guides/agent/index.mdx index 4a904132..1bd397c8 100644 --- a/docs/guides/agent/index.mdx +++ b/docs/guides/agent/index.mdx @@ -3,7 +3,7 @@ title: Agent sidebar_position: 20 --- -The zrok Agent centralizes management of your zrok shares and accesses. It provides a web-based console interface and changes how the `zrok share` and `zrok access` commands behave. +The zrok Agent centralizes management of your zrok shares and accesses. It provides a both web-based and command-line interfaces, and changes how the `zrok share` and `zrok access` commands behave. ## Tutorial From a951f8500c29a63a5d2a010d31f30ed758608421 Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Tue, 1 Apr 2025 11:38:23 -0400 Subject: [PATCH 15/22] stop warning about agent forgetting --- docs/guides/agent/index.mdx | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/guides/agent/index.mdx b/docs/guides/agent/index.mdx index 1bd397c8..835600d0 100644 --- a/docs/guides/agent/index.mdx +++ b/docs/guides/agent/index.mdx @@ -90,7 +90,6 @@ When the agent is running: - The agent provides a web UI for monitoring and managing your shares and accesses - New `zrok share` and `zrok access` commands delegate their operations to the running agent - You can stop and restart individual shares/accesses without terminating the agent -- If you restart the agent it will forget about all shares and accesses that were started while it was running ([link to GitHub issue](https://github.com/openziti/zrok/issues/922)) ### Agent Console From 9efeb2f3410377b7c1d8641ce4e1cb2afea743d3 Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Tue, 1 Apr 2025 11:42:41 -0400 Subject: [PATCH 16/22] fix typo --- docs/guides/agent/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/guides/agent/index.mdx b/docs/guides/agent/index.mdx index 835600d0..058c0230 100644 --- a/docs/guides/agent/index.mdx +++ b/docs/guides/agent/index.mdx @@ -3,7 +3,7 @@ title: Agent sidebar_position: 20 --- -The zrok Agent centralizes management of your zrok shares and accesses. It provides a both web-based and command-line interfaces, and changes how the `zrok share` and `zrok access` commands behave. +The zrok Agent centralizes management of your zrok shares and accesses. It provides both web-based and command-line interfaces, and changes how the `zrok share` and `zrok access` commands behave. ## Tutorial From 4a679a944b4c0fa7bc5f158fe552d2c3b473c50f Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Tue, 1 Apr 2025 11:44:22 -0400 Subject: [PATCH 17/22] mention the agent will remember managed shares/accesses --- docs/guides/agent/index.mdx | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/guides/agent/index.mdx b/docs/guides/agent/index.mdx index 058c0230..b738309b 100644 --- a/docs/guides/agent/index.mdx +++ b/docs/guides/agent/index.mdx @@ -90,6 +90,7 @@ When the agent is running: - The agent provides a web UI for monitoring and managing your shares and accesses - New `zrok share` and `zrok access` commands delegate their operations to the running agent - You can stop and restart individual shares/accesses without terminating the agent +- You can restart the agent and it will remember its managed shares/accesses ### Agent Console From 76918d4f3d3b0fef524c253940226fe0d4d599b4 Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Tue, 1 Apr 2025 11:50:44 -0400 Subject: [PATCH 18/22] refine word choice --- docs/guides/agent/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/guides/agent/index.mdx b/docs/guides/agent/index.mdx index b738309b..23611ae3 100644 --- a/docs/guides/agent/index.mdx +++ b/docs/guides/agent/index.mdx @@ -90,7 +90,7 @@ When the agent is running: - The agent provides a web UI for monitoring and managing your shares and accesses - New `zrok share` and `zrok access` commands delegate their operations to the running agent - You can stop and restart individual shares/accesses without terminating the agent -- You can restart the agent and it will remember its managed shares/accesses +- Restarting the agent and will restart shares/accesses ### Agent Console From fc5416e56d7d5609f03dd6110173ba08f78055a8 Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Tue, 1 Apr 2025 11:55:46 -0400 Subject: [PATCH 19/22] refine word choice further --- docs/guides/agent/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/guides/agent/index.mdx b/docs/guides/agent/index.mdx index 23611ae3..7e0ac05b 100644 --- a/docs/guides/agent/index.mdx +++ b/docs/guides/agent/index.mdx @@ -90,7 +90,7 @@ When the agent is running: - The agent provides a web UI for monitoring and managing your shares and accesses - New `zrok share` and `zrok access` commands delegate their operations to the running agent - You can stop and restart individual shares/accesses without terminating the agent -- Restarting the agent and will restart shares/accesses +- the Agent will automatically restart reserved shares and private accesses ### Agent Console From 3a39f41450179ce1d63ed82c562b078a0adea759 Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Tue, 1 Apr 2025 11:57:59 -0400 Subject: [PATCH 20/22] clarify agent info --- docs/guides/agent/index.mdx | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/guides/agent/index.mdx b/docs/guides/agent/index.mdx index 7e0ac05b..dc484a99 100644 --- a/docs/guides/agent/index.mdx +++ b/docs/guides/agent/index.mdx @@ -86,11 +86,11 @@ Without the agent running, each time you execute a `zrok share` or `zrok access` When the agent is running: -- All shares and accesses are managed by a single agent process -- The agent provides a web UI for monitoring and managing your shares and accesses -- New `zrok share` and `zrok access` commands delegate their operations to the running agent -- You can stop and restart individual shares/accesses without terminating the agent -- the Agent will automatically restart reserved shares and private accesses +- All shares and accesses are managed by a single agent process. +- The agent provides a web UI for monitoring and managing your shares and accesses. +- The `zrok share` and `zrok access` commands delegate their operations to the running agent. +- You can stop and restart individual shares/accesses without terminating the agent. +- The agent will remember your reserved shares and any access private instances, restarting them when the agent starts each time. ### Agent Console From cbef577384c5dff9305680b4552d84f056da430a Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Tue, 1 Apr 2025 12:01:27 -0400 Subject: [PATCH 21/22] refine agent info --- docs/guides/agent/index.mdx | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/guides/agent/index.mdx b/docs/guides/agent/index.mdx index dc484a99..6727cdae 100644 --- a/docs/guides/agent/index.mdx +++ b/docs/guides/agent/index.mdx @@ -90,7 +90,8 @@ When the agent is running: - The agent provides a web UI for monitoring and managing your shares and accesses. - The `zrok share` and `zrok access` commands delegate their operations to the running agent. - You can stop and restart individual shares/accesses without terminating the agent. -- The agent will remember your reserved shares and any access private instances, restarting them when the agent starts each time. +- The Agent will remember and automatically restart your shares started with `share reserved`, and any accesses started with `access private`. +- The Agent will not restart regular, ephemeral shares started with `share private` or `share public`. ### Agent Console From 085b7dc6bd30b40a95085f97fe8b637707d050f6 Mon Sep 17 00:00:00 2001 From: Kenneth Bingham Date: Tue, 1 Apr 2025 12:04:32 -0400 Subject: [PATCH 22/22] consistently capitalize Agent in the agent landing page --- docs/guides/agent/index.mdx | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/docs/guides/agent/index.mdx b/docs/guides/agent/index.mdx index 6727cdae..4be961e1 100644 --- a/docs/guides/agent/index.mdx +++ b/docs/guides/agent/index.mdx @@ -7,7 +7,7 @@ The zrok Agent centralizes management of your zrok shares and accesses. It provi ## Tutorial -Run the agent in the foreground. +Run the Agent in the foreground. ```bash zrok agent @@ -19,9 +19,9 @@ In another terminal, open the console. zrok agent console ``` -You should see the agent UI in your default web browser. +You should see the Agent UI in your default web browser. -Start sharing a public share with the agent. +Start sharing a public share with the Agent. ```bash zrok share public 8080 @@ -31,9 +31,9 @@ zrok share public 8080 token:"zje5x8p0k9pi" frontendEndpoints:"https://zje5x8p0k9pi.share.zrok.io" ``` -You will see the new public share in the agent UI and you can access it at the public share URL. +You will see the new public share in the Agent UI and you can access it at the public share URL. -Reserve a private share for the agent to share. +Reserve a private share for the Agent to share. ```bash zrok reserve private 8080 --closed --unique-name "myshare" @@ -43,7 +43,7 @@ zrok reserve private 8080 --closed --unique-name "myshare" [ 1.883] INFO main.(*reserveCommand).run: your reserved share token is 'myshare' ``` -Start sharing the reserved share with the agent. +Start sharing the reserved share with the Agent. ```bash zrok share reserved "myshare" @@ -54,9 +54,9 @@ zrok share reserved "myshare" token:"myshare" backendMode:"proxy" shareMode:"private" target:"http://127.0.0.1:8080" ``` -You will see the new reserved share in the agent UI and you can access it by running `zrok access "myshare"` on another device where you have enabled the same zrok account, since the share was reserved with closed permission mode. +You will see the new reserved share in the Agent UI and you can access it by running `zrok access "myshare"` on another device where you have enabled the same zrok account, since the share was reserved with closed permission mode. -Check the status of the agent's shares and accesses. +Check the status of the Agent's shares and accesses. ```bash zrok agent status @@ -73,7 +73,7 @@ zrok agent status ### Running the Agent in the background -You can keep the agent running reliably in the background by installing the agent service in Windows or Linux. +You can keep the Agent running reliably in the background by installing the Agent service in Windows or Linux. - Windows - [set up the Windows system service](/guides/agent/windows-service/index.mdx) - Linux - [install the Linux package `zrok-agent`](/guides/agent/linux-service.mdx) @@ -82,26 +82,26 @@ You can keep the agent running reliably in the background by installing the agen ### Centralized Management -Without the agent running, each time you execute a `zrok share` or `zrok access` command, a separate process is created to handle that specific share or access. +Without the Agent running, each time you execute a `zrok share` or `zrok access` command, a separate process is created to handle that specific share or access. -When the agent is running: +When the Agent is running: -- All shares and accesses are managed by a single agent process. -- The agent provides a web UI for monitoring and managing your shares and accesses. -- The `zrok share` and `zrok access` commands delegate their operations to the running agent. -- You can stop and restart individual shares/accesses without terminating the agent. +- All shares and accesses are managed by a single Agent process. +- The Agent provides a web UI for monitoring and managing your shares and accesses. +- The `zrok share` and `zrok access` commands delegate their operations to the running Agent. +- You can stop and restart individual shares/accesses without terminating the Agent. - The Agent will remember and automatically restart your shares started with `share reserved`, and any accesses started with `access private`. - The Agent will not restart regular, ephemeral shares started with `share private` or `share public`. ### Agent Console -The agent provides a web-based console interface that can be accessed with: +The Agent provides a web-based console interface that can be accessed with: ```bash zrok agent console ``` -This command opens your default web browser to the agent's UI, where you can: +This command opens your default web browser to the Agent UI, where you can: - View the status of all your active shares and accesses - Create new shares and accesses using simple UI widgets