feat: Add support for automatically installing Tailscale after a firmware upgrade

[notheotherben]

This PR adds experimental support for automatically installing Tailscale following a UniFi OS 2.x firmware upgrade (as well as updating Tailscale after a reboot, if an update is available). It does so by installing a systemd unit which runs before tailscaled in the startup sequence and triggers the /data/manage.sh on-boot command (in much the same way as the UniFi OS 1.x on_boot.d script worked).

I have not had an opportunity to test this on a full firmware upgrade, however indications are that systemd units persist across firmware upgrades, which should ensure that this works as expected.

Testing Steps

To validate that this new release works correctly on your device, please follow these steps to install a prerelease version of it:

1. Download the latest release package (from the Build / Package pipeline - here) onto your device.

   scp ./package.zip root@unifi:/tmp/tailscale-udm-pre.zip

2. Unzip the build artifact package using unzip -oq /tmp/tailscale-udm-pre.zip -d /tmp
3. Un-tar the installation package into your /data/tailscale directory using tar xzf /tmp/tailscale-udm.tgz -C /data/
4. Run the force installation command: /data/tailscale/manage.sh install!
5. Confirm that the message Installing pre-start script to install Tailscale on firmware updates. is printed to your terminal.
6. Install the latest firmware update for your device using ubnt-systool fwupdate <url-of-firmware-package> and confirm that Tailscale is present and running after the firmware update completes. (Note that you can install the current firmware version if you wish to test immediately).

See #38 for further information.

[GlitchWitch]

Thanks for this PR!

I'll get it setup on a UDM Pro and will report back when the next firmware update after 2.5.17 is available for download.

[GlitchWitch]

Tested and initially ran into an issue where curl would not download the package linked. After manually downloading it and using SCP to transfer it over I am only seeing the following message:

Tailscale is already installed, if you wish to update it, run '/data/tailscale/manage.sh update'

Running the update function responds with:

Tailscale is already up to date

Attempting to run unios_2.x.sh directly results in no output.

Finally I just ran the following from the script directly in the terminal:

tee /lib/systemd/system/tailscale-install.service >/dev/null <<EOF
[Unit]
Description=Ensure that Tailscale is installed on your device
Before=tailscaled.service
After=network.target

[Service]
Type=oneshot
RemainAfterExit=yes
Restart=no
ExecStart=/bin/bash /data/tailscale/manage.sh install

[Install]
WantedBy=tailscaled.service
EOF

systemctl daemon-reload
systemctl enable tailscale-install.service

This was successful. Will post an update after the next firmware update is released and installed.

[notheotherben]

Thank you @GlitchWitch, I've made some improvements to the commands and testing guidance based on what you've shared (there's now a /data/tailscale/manage.sh install! command which will force installation even if Tailscale was previously installed, saving you needing to manually apply the changes.

I've not tested this yet, but you may also be able to re-install 2.5.17 using the ubnt-tool fwupdate <url> command to test this workflow and ensure that the change works. I'll try to get to that myself as soon as I have some time (and can afford for my internet to be down).