Implement automatic init system detection and service file generation
for systemd, OpenRC (Alpine/Gentoo), and FreeBSD rc.d:
- Add src/service module with init system detection and generators
- Auto-detect init system via filesystem probes
- Generate platform-appropriate service files during --init
systemd enhancements:
- ExecReload for SIGHUP config reload
- PIDFile directive
- Comprehensive security hardening (ProtectKernelTunables,
RestrictAddressFamilies, MemoryDenyWriteExecute, etc.)
- CAP_NET_BIND_SERVICE for privileged ports
OpenRC support:
- Standard openrc-run script with depend/reload functions
- Directory setup in start_pre
FreeBSD rc.d support:
- rc.subr integration with rc.conf variables
- reload extra command
The --init command now detects the init system and runs the
appropriate enable/start commands (systemctl, rc-update, sysrc).
Signed-off-by: Vladimir Krivopalov <argenet@yandex.ru>
Implement CLI subcommands for managing telemt as a daemon:
- `start [config.toml]` - Start as background daemon (implies --daemon)
- `stop` - Stop running daemon by sending SIGTERM
- `reload` - Reload configuration by sending SIGHUP
- `status` - Check if daemon is running via PID file
Subcommands use the PID file (default /var/run/telemt.pid) to locate
the running daemon. Stop command waits up to 10 seconds for graceful
shutdown. Status cleans up stale PID files automatically.
Updated help text with subcommand documentation and usage examples.
Exit codes follow Unix convention: 0 for success, 1 for not running
or error.
Signed-off-by: Vladimir Krivopalov <argenet@yandex.ru>
Enhance signal handling to support proper daemon operation:
- SIGTERM: Graceful shutdown (same behavior as SIGINT)
- SIGQUIT: Graceful shutdown with full statistics dump
- SIGUSR1: Log rotation acknowledgment for external tools
- SIGUSR2: Dump runtime status to log without stopping
Statistics dump includes connection counts, ME keepalive metrics,
and relay adaptive tuning counters. SIGHUP config reload unchanged
(handled in hot_reload.rs).
Signals are handled via tokio::signal::unix with async select!
to avoid blocking the runtime. Non-shutdown signals (USR1/USR2)
run in a background task spawned at startup.
Signed-off-by: Vladimir Krivopalov <argenet@yandex.ru>
Implement core daemon infrastructure for running telemt as a background
service on Unix platforms (Linux, FreeBSD, etc.):
- Add src/daemon module with classic double-fork daemonization
- Implement flock-based PID file management to prevent duplicate instances
- Add privilege dropping (setuid/setgid) after socket binding
- New CLI flags: --daemon, --foreground, --pid-file, --run-as-user,
--run-as-group, --working-dir
Daemonization occurs before tokio runtime starts to ensure clean fork.
PID file uses exclusive locking to detect already-running instances.
Privilege dropping happens after bind_listeners() to allow binding
to privileged ports (< 1024) before switching to unprivileged user.
Signed-off-by: Vladimir Krivopalov <argenet@yandex.ru>
Add 9091 port mapping to compose.yml to make the REST API reachable
from outside the container. Previously only port 9090 (metrics) was
published, making the documented curl commands non-functional.
fixes#434
Vladimir Krivopalov