add wizards to choose service variant

- add install and upgrade wizards to choose service variant - add detailed logger config - remove unsupported config options (verbose, timeout)
hgy59 · Feb 10, 2025 · c74fd4f · c74fd4f
1 parent 9f06114
commit c74fd4f
Show file tree

Hide file tree

Showing 7 changed files with 89 additions and 5 deletions.
diff --git a/cross/sslh/Makefile b/cross/sslh/Makefile
@@ -34,6 +34,6 @@ include ../../mk/spksrc.cross-cc.mk
 .PHONY: sslh_install
 sslh_install:
 	@install -d -m 755 $(STAGING_INSTALL_PREFIX)/bin
-	@install -m 755 $(WORK_DIR)/$(PKG_DIR)/sslh-fork $(STAGING_INSTALL_PREFIX)/bin/sslh
+	@install -m 755 $(WORK_DIR)/$(PKG_DIR)/sslh-fork $(STAGING_INSTALL_PREFIX)/bin/
 	@install -m 755 $(WORK_DIR)/$(PKG_DIR)/sslh-select $(STAGING_INSTALL_PREFIX)/bin/
 	@install -m 755 $(WORK_DIR)/$(PKG_DIR)/sslh-ev $(STAGING_INSTALL_PREFIX)/bin/
diff --git a/cross/sslh/PLIST b/cross/sslh/PLIST
@@ -1,3 +1,3 @@
-bin:bin/sslh
+bin:bin/sslh-fork
 bin:bin/sslh-ev
 bin:bin/sslh-select
diff --git a/spk/sslh/Makefile b/spk/sslh/Makefile
@@ -11,12 +11,14 @@ MAINTAINER = SynoCommunity
 DESCRIPTION = sslh is a ssl/ssh multiplexer. sslh accepts connections on specified ports, and forwards them further based on tests performed on the first data packet sent by the remote client. Probes for HTTP, TLS/SSL \(including SNI and ALPN\), SSH, OpenVPN, tinc, XMPP, SOCKS5, are implemented, and any other protocol that can be tested using a regular expression, can be recognised. A typical use case is to allow serving several services on port 443 \(e.g. to connect to SSH from inside a corporate firewall, which almost never block port 443\) while still serving HTTPS on that port.
 
 DISPLAY_NAME = sslh
-CHANGELOG = "1. Update sslh to v2.1.4. <br/>2. Add sslh-select and sslh-ev."
+CHANGELOG = "1. Update sslh to v2.1.4. <br/>2. Add sslh-select and sslh-ev. <br/>3. Add option to choose sslh-fork, sslh-select or sslh-ev at installation and upgrade."
 
 HOMEPAGE  = https://www.rutschle.net/tech/sslh/README.html
 LICENSE   = GPLv2
 STARTABLE = yes
 
+WIZARDS_DIR = src/wizard/
+
 SERVICE_USER = auto
 SERVICE_SETUP = src/service-setup.sh
 

diff --git a/spk/sslh/src/service-setup.sh b/spk/sslh/src/service-setup.sh
@@ -2,3 +2,27 @@ PATH="${SYNOPKG_PKGDEST}/bin:${PATH}"
 SSLH="${SYNOPKG_PKGDEST}/bin/sslh"
 CFG_FILE="${SYNOPKG_PKGVAR}/sslh.cfg"
 SERVICE_COMMAND="${SSLH} -F${CFG_FILE}"
+
+
+create_sslh_link ()
+{
+  _target=${1}
+  if [ -z "${_target}" ]; then
+    _target=sslh-fork
+  fi
+
+  echo "install ${_target} as sslh"
+
+  cd ${SYNOPKG_PKGDEST}/bin && ln -sf ${_target} ${SSLH}
+}
+
+service_postinst ()
+{
+   if [ "${wizard_sslh_select}" = "true" ]; then
+      create_sslh_link "sslh-select"
+   elif [ "${wizard_sslh_ev}" = "true" ]; then
+      create_sslh_link "sslh-ev"
+   else
+      create_sslh_link "sslh-fork"
+   fi
+}
diff --git a/spk/sslh/src/sslh.cfg b/spk/sslh/src/sslh.cfg
@@ -1,13 +1,31 @@
-verbose: 1;
+# You can manually adjust the configuration for sslh
+# A package update will keep this file; the config file that comes 
+# with the update might have different values and will be available as sslh.cfg.new
+# 
+
 foreground: false;
 inetd: false;
 numeric: false;
 transparent: false;
-timeout: "5";
 user: "sc-sslh";
 pidfile: "/var/packages/sslh/var/sslh.pid";
 logfile: "/var/packages/sslh/var/sslh.log";
 
+# Logging configuration
+# Value: 1: stdout; 2: syslog; 3: stdout+syslog; 4: logfile; ...; 7: all
+# Generally, you want *-error to be always enabled, to know if something is going wrong.
+# for DSM use either 0 to disable or 4 to print to logfile
+verbose-config: 4; #  print configuration at startup
+verbose-config-error: 4;  # print configuration errors
+verbose-connections: 4; # trace established incoming address to forward address
+verbose-connections-error: 4; # connection errors
+verbose-connections-try: 0; # connection attempts towards targets
+verbose-fd: 0; # file descriptor activity, open/close/whatnot
+verbose-packets: 0; # hexdump packets on which probing is done
+verbose-probe-info: 0; # what's happening during the probe process
+verbose-probe-error: 4; # failures and problems during probing
+verbose-system-error: 4; # system call problem, i.e.  malloc, fork, failing
+verbose-int-error: 4; # internal errors, the kind that should never happen
 
 # Change hostname with your external address name, or the IP
 # of the interface that receives connections

diff --git a/spk/sslh/src/wizard/install_uifile b/spk/sslh/src/wizard/install_uifile
@@ -0,0 +1,20 @@
+[{
+    "step_title": "sslh service variant",
+    "items": [{
+        "type": "singleselect",
+        "desc": "Select what sslh variant to use:",
+        "subitems": [{
+            "key": "wizard_sslh_fork",
+            "desc": "<b>sslh-fork</b> forks a new process for each incoming connection. It is well-tested and very reliable, but incurs the overhead of many processes. If you are going to use sslh for a 'small' setup (less than a dozen ssh connections and a low-traffic https server) then <code>sslh-fork</code> is probably more suited for you.",
+            "defaultValue": true
+        },{
+            "key": "wizard_sslh_select",
+            "desc": "<b>sslh-select</b> uses only one thread, which monitors all connections at once. It only incurs a 16 byte overhead per connection. Also, if it stops, you'll lose all connections, which means you can't upgrade it remotely. If you are going to use sslh on a 'medium' setup (a few hundreds of connections), or if you are on a system where forking is expensive (e.g. Windows), <code>sslh-select</code> will be better.",
+            "defaultValue": false
+        },{
+            "key": "wizard_sslh_ev",
+            "desc": "<b>sslh-ev</b> is similar to <code>sslh-select</code>, but uses libev as a backend. This allows using specific kernel APIs that allow to manage thousands of connections concurrently.",
+            "defaultValue": false
+        }]
+    }]
+}]
diff --git a/spk/sslh/src/wizard/upgrade_uifile b/spk/sslh/src/wizard/upgrade_uifile
@@ -0,0 +1,20 @@
+[{
+    "step_title": "sslh service variant",
+    "items": [{
+        "type": "singleselect",
+        "desc": "Select what sslh variant to use:",
+        "subitems": [{
+            "key": "wizard_sslh_fork",
+            "desc": "<b>sslh-fork</b> forks a new process for each incoming connection. It is well-tested and very reliable, but incurs the overhead of many processes. If you are going to use sslh for a 'small' setup (less than a dozen ssh connections and a low-traffic https server) then <code>sslh-fork</code> is probably more suited for you.",
+            "defaultValue": true
+        },{
+            "key": "wizard_sslh_select",
+            "desc": "<b>sslh-select</b> uses only one thread, which monitors all connections at once. It only incurs a 16 byte overhead per connection. Also, if it stops, you'll lose all connections, which means you can't upgrade it remotely. If you are going to use sslh on a 'medium' setup (a few hundreds of connections), or if you are on a system where forking is expensive (e.g. Windows), <code>sslh-select</code> will be better.",
+            "defaultValue": false
+        },{
+            "key": "wizard_sslh_ev",
+            "desc": "<b>sslh-ev</b> is similar to <code>sslh-select</code>, but uses libev as a backend. This allows using specific kernel APIs that allow to manage thousands of connections concurrently.",
+            "defaultValue": false
+        }]
+    }]
+}]