feat: watch for serve config that conflicts with WebGUI (#37)

dkaser · web-flow · commit 6dc5e7bd62f1 · 2025-05-05T23:52:15.000-04:00
diff --git a/src/usr/local/emhttp/plugins/tailscale/include/Tailscale/LocalAPI.php b/src/usr/local/emhttp/plugins/tailscale/include/Tailscale/LocalAPI.php
@@ -60,6 +60,16 @@ public function getTkaStatus(): \stdClass
         return (object) json_decode($this->tailscaleLocalAPI('v0/tka/status'));
     }
 
+    public function getServeConfig(): \stdClass
+    {
+        return (object) json_decode($this->tailscaleLocalAPI('v0/serve-config'));
+    }
+
+    public function resetServeConfig(): void
+    {
+        $this->tailscaleLocalAPI("v0/serve-config", APIMethods::POST, new \stdClass());
+    }
+
     public function postLoginInteractive(): void
     {
         $this->tailscaleLocalAPI('v0/login-interactive', APIMethods::POST);
diff --git a/src/usr/local/emhttp/plugins/tailscale/include/Tailscale/System.php b/src/usr/local/emhttp/plugins/tailscale/include/Tailscale/System.php
@@ -54,9 +54,7 @@ public static function checkWebgui(Config $config, string $tailscale_ipv4): void
             $connection = @fsockopen($tailscale_ipv4, $ident_config['PORT']);
 
             if (is_resource($connection)) {
-                if ((intval(date("i")) % 10 == 0)) {
-                    Utils::logmsg("WebGUI listening on {$tailscale_ipv4}:{$ident_config['PORT']}");
-                }
+                Utils::logmsg("WebGUI listening on {$tailscale_ipv4}:{$ident_config['PORT']}", false, true);
             } else {
                 Utils::logmsg("WebGUI not listening on {$tailscale_ipv4}:{$ident_config['PORT']}, terminating and restarting");
                 Utils::run_command("/etc/rc.d/rc.nginx term");
@@ -66,6 +64,39 @@ public static function checkWebgui(Config $config, string $tailscale_ipv4): void
         }
     }
 
+    public static function checkServeConfig(): void
+    {
+        $ident_config = parse_ini_file("/boot/config/ident.cfg") ?: array();
+
+        $httpPort = isset($ident_config['PORT']) && is_scalar($ident_config['PORT'])
+                     ? intval($ident_config['PORT']) : 80;
+        $httpsPort = -1;
+
+        if (($ident_config['USE_SSL'] ?? "no") != "no") {
+            $httpsPort = isset($ident_config['PORTSSL']) && is_scalar($ident_config['PORTSSL'])
+                         ? intval($ident_config['PORTSSL']) : 443;
+        }
+
+        $localAPI    = new LocalAPI();
+        $serveConfig = $localAPI->getServeConfig();
+
+        $tcpConfig = $serveConfig->TCP ?? array();
+
+        foreach ($tcpConfig as $key => $val) {
+            $configPort = intval($key);
+
+            if ($configPort == $httpPort || $configPort == $httpsPort) {
+                Utils::logmsg("Serve TCP Port {$configPort} conflicts with WebGUI, removing");
+                $localAPI->resetServeConfig();
+                Utils::run_command(self::RESTART_COMMAND);
+
+                return;
+            } else {
+                Utils::logmsg("Checked for WebGUI conflict with serve TCP Port {$configPort}", false, true);
+            }
+        }
+    }
+
     public static function restartSystemServices(Config $config): void
     {
         if ($config->IncludeInterface) {
diff --git a/src/usr/local/emhttp/plugins/tailscale/include/Tailscale/Utils.php b/src/usr/local/emhttp/plugins/tailscale/include/Tailscale/Utils.php
@@ -194,8 +194,13 @@ public static function run_command(string $command, bool $alwaysShow = false, bo
         return $output;
     }
 
-    public static function logmsg(string $message, bool $debug = false): void
+    public static function logmsg(string $message, bool $debug = false, bool $rateLimit = false): void
     {
+        if ($rateLimit && (intval(date("i")) % 10 != 0)) {
+            // Only log rate limited messages every 10 minutes
+            return;
+        }
+
         if ($debug) {
             if (defined("TAILSCALE_TRUNK")) {
                 $message = "DEBUG: " . $message;
diff --git a/src/usr/local/emhttp/plugins/tailscale/include/Tailscale/Watcher.php b/src/usr/local/emhttp/plugins/tailscale/include/Tailscale/Watcher.php
@@ -52,6 +52,7 @@ public function run(): void
                 }
 
                 Utils::run_task('Tailscale\System::checkWebgui', array($this->config, $tailscale_ipv4));
+                Utils::run_task('Tailscale\System::checkServeConfig');
                 Utils::run_task('Tailscale\System::fixLocalSubnetRoutes');
 
                 // Watch for changes to the DNS name (e.g., if someone changes the tailnet name or the Tailscale name of the server via the admin console)

Original file line number	Diff line number	Diff line change
`@@ -194,8 +194,13 @@ public static function run_command(string $command, bool $alwaysShow = false, bo`
`194`	`194`	`return $output;`
`195`	`195`	`}`
`196`	`196`
`197`		`- public static function logmsg(string $message, bool $debug = false): void`
	`197`	`+ public static function logmsg(string $message, bool $debug = false, bool $rateLimit = false): void`
`198`	`198`	`{`
	`199`	`+ if ($rateLimit && (intval(date("i")) % 10 != 0)) {`
	`200`	`+ // Only log rate limited messages every 10 minutes`
	`201`	`+ return;`
	`202`	`+ }`
	`203`	`+`
`199`	`204`	`if ($debug) {`
`200`	`205`	`if (defined("TAILSCALE_TRUNK")) {`
`201`	`206`	`$message = "DEBUG: " . $message;`
Original file line number	Diff line number	Diff line change
`@@ -52,6 +52,7 @@ public function run(): void`
`52`	`52`	`}`
`53`	`53`
`54`	`54`	`Utils::run_task('Tailscale\System::checkWebgui', array($this->config, $tailscale_ipv4));`
	`55`	`+ Utils::run_task('Tailscale\System::checkServeConfig');`
`55`	`56`	`Utils::run_task('Tailscale\System::fixLocalSubnetRoutes');`
`56`	`57`
`57`	`58`	`// Watch for changes to the DNS name (e.g., if someone changes the tailnet name or the Tailscale name of the server via the admin console)`