Mail archive
alpine-aports

[alpine-aports] [PATCH] community/wireguard: new aport

From: Johannes Matheis <jomat+alpinebuild_at_jmt.gr>
Date: Mon, 21 Nov 2016 14:03:02 +0000

https://www.wireguard.io/
WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography
---
 community/wireguard/APKBUILD           | 66 ++++++++++++++++++++++++++++++++++
 community/wireguard/README.alpine      | 36 +++++++++++++++++++
 community/wireguard/wg_example.conf    |  7 ++++
 community/wireguard/wireguard.ifupdown | 45 +++++++++++++++++++++++
 4 files changed, 154 insertions(+)
 create mode 100644 community/wireguard/APKBUILD
 create mode 100644 community/wireguard/README.alpine
 create mode 100644 community/wireguard/wg_example.conf
 create mode 100755 community/wireguard/wireguard.ifupdown
diff --git a/community/wireguard/APKBUILD b/community/wireguard/APKBUILD
new file mode 100644
index 0000000..78d56cf
--- /dev/null
+++ b/community/wireguard/APKBUILD
_at_@ -0,0 +1,66 @@
+# Contributor: Johannes Matheis <jomat+alpinebuild_at_jmt.gr>
+# Maintainer: Johannes Matheis <jomat+alpinebuild_at_jmt.gr>
+pkgname=wireguard
+pkgver=0.0.20161116.1
+pkgrel=0
+pkgdesc="WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography"
+url="https://www.wireguard.io/"
+arch="all"
+license="GPL"
+depends=""
+makedepends="linux-headers linux-grsec-dev libmnl-dev"
+install=""
+subpackages="$pkgname-doc $pkgname-tools $pkgname-kmod"
+source="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-experimental-${pkgver}.tar.xz
+	wireguard.ifupdown
+	README.alpine
+	wg_example.conf"
+builddir="$srcdir/WireGuard-experimental-${pkgver}/src/"
+
+prepare() {
+	local i
+	cd "$builddir"
+	for i in $source; do
+		case $i in
+		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+		esac
+	done
+}
+
+build() {
+	cd "$builddir"
+	make KCFLAGS=-fno-pie || return 1
+}
+
+package() {
+	depends="wireguard-tools wireguard-module"
+	cd "$builddir"
+	make DESTDIR="$pkgdir" INSTALL_MOD_PATH="$pkgdir" install || return 1
+	install -D -m600 $srcdir/wg_example.conf $pkgdir/usr/share/doc/wireguard/wg_example.conf || return 1
+	install -D -m644 $srcdir/README.alpine $pkgdir/usr/share/doc/wireguard/README.alpine || return 1
+}
+
+tools() {
+	install -d -m700 $subpkgdir/etc/wireguard || return 1
+	install -D -m755 $srcdir/wireguard.ifupdown $subpkgdir/etc/network/if-pre-up.d/wireguard || return 1
+	install -D -m755 $srcdir/wireguard.ifupdown $subpkgdir/etc/network/if-post-down.d/wireguard || return 1
+        mv $pkgdir/usr $subpkgdir
+}
+
+kmod() {
+	install -d -m755 $subpkgdir
+	mv $pkgdir/lib $subpkgdir
+}
+
+md5sums="031f76e990a649b6ab0185ad9848f88c  WireGuard-experimental-0.0.20161116.1.tar.xz
+fa5fff08d09f53469ee0380b75b1ebc1  wireguard.ifupdown
+f0c50dbbed58dbf7ff823da41427f65a  README.alpine
+b3e9f999dbaf32d063a75479e9ebbc87  wg_example.conf"
+sha256sums="730d9d919e1942cf83e59dcb8c6ee6ac6696c62ce363c4802474774a5db8238d  WireGuard-experimental-0.0.20161116.1.tar.xz
+da6b51d3b78daf67069b24eb43c968b50eb3e39bcb0d23c192540ff6cbe02fef  wireguard.ifupdown
+59104dd25feaaf2a59d126bdae038a3a92317a18daa5be363d96e97426e0885a  README.alpine
+549c94588eb42656c6af7e84c1e4a2011f202500a95a6e520042ab6cbf32debf  wg_example.conf"
+sha512sums="abfe4e973ea5f829e90c929994f359fcc814a72d8fd92274a0921d5756ecee8b1c8e3a7b0d97947ae37915f4c7437c1cdee59ff88dc53d124fbb1a6d1f22e8d8  WireGuard-experimental-0.0.20161116.1.tar.xz
+582d451969c7987af5af3682ed672b9734ccb033362c0b0bbd80f49f28ef241efb3c4e4a1dfe8ee1d58b24ce1cdbbc74c6342d48a89b749e4b3aa6a10931d9cb  wireguard.ifupdown
+7d3cd33eaf0cfe1b4514aa665288a441a356ffd4d042e68c72b0bd6a0b8ab7b7ab5e195471b286a28e6613fe0a7fd507bf19c6db563e123da07dcaee4ca71647  README.alpine
+9e6ce4d394d606e5d5485bd746f00de17eab42c939e9b7173ef7237003e43f4a5586634a6425fe8d3f473bf72131d60f9ed30f4dc9a65bd244b1e08a06575ce0  wg_example.conf"
diff --git a/community/wireguard/README.alpine b/community/wireguard/README.alpine
new file mode 100644
index 0000000..cacfaed
--- /dev/null
+++ b/community/wireguard/README.alpine
_at_@ -0,0 +1,36 @@
+Using the experimental WireGuard VPN and encrypted network tunnel
+==================================================================
+
+WireGuard is still in experimental stages. Please use caution!
+
+Check https://www.wireguard.io/ for information that isn't
+specific to Alpine Linux.
+
+
+Configure wireguard interfaces in /etc/network/interfaces:
+
+iface wg_example inet static
+  wg_config /etc/wireguard/wg_example.conf
+  wg_update_conf false
+  address 10.23.42.1
+  netmask 255.255.255.0
+  [...]
+
+
+Any interface names starting with 'wg' will be treated as
+wireguard interfaces. To use a different name, set at least
+one of the optional wg_ variables:
+
+wg_config
+  Defaults to /etc/wireguard/$IFNAME.conf
+  Specifies a different config file for the tunnel, see
+  also wg_example.conf
+
+wg_update_conf
+  Defaults to false
+  Update config file upon taking down the interface
+  This can be useful for roaming endpoints
+
+wg_ignore
+  Default to false
+  Set to true if this isn't a wireguard interface
diff --git a/community/wireguard/wg_example.conf b/community/wireguard/wg_example.conf
new file mode 100644
index 0000000..fbaac19
--- /dev/null
+++ b/community/wireguard/wg_example.conf
_at_@ -0,0 +1,7 @@
+[Interface]
+PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=
+ListenPort = 41414
+
+[Peer]
+PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=
+AllowedIPs = 10.192.122.3/32, 10.192.124.1/24
diff --git a/community/wireguard/wireguard.ifupdown b/community/wireguard/wireguard.ifupdown
new file mode 100755
index 0000000..3509977
--- /dev/null
+++ b/community/wireguard/wireguard.ifupdown
_at_@ -0,0 +1,45 @@
+#!/bin/sh
+IP=/sbin/ip
+WG=/usr/bin/wg
+MV=/bin/mv
+MKTEMP=/bin/mktemp
+
+case ${IF_WG_IGNORE} in
+  yes|true|1) exit 0;;
+esac
+
+if [ "${IFACE#wg*}" == "$IFACE" \
+  -a -z "${IF_WG_CONFIG}" \
+  -a -z "${IF_WG_UPDATE_CONF}" \
+  -a -z "${IF_WG_IGNORE}" ]
+then
+  exit 0
+fi
+
+: ${IF_WG_CONFIG:=/etc/wireguard/${IFACE}.conf}
+
+case ${PHASE}
+in
+  pre-up)
+    if [ ! -f ${IF_WG_CONFIG} ]
+    then
+      echo "WireGuard config file ${IF_WG_CONFIG} not found." >&2
+      exit 1
+    fi
+    ${IP} link add dev ${IFACE} type wireguard
+    ${WG} setconf ${IFACE} ${IF_WG_CONFIG}
+    ;;
+  post-down)
+    case ${IF_WG_UPDATE_CONF}
+    in
+      yes|true|1)
+        echo "Updating ${IF_WG_CONFIG}"
+	umask 077
+	TMPFILE=$(${MKTEMP})
+        ${WG} showconf ${IFACE} > ${TMPFILE}
+	${MV} ${TMPFILE} ${IF_WG_CONFIG}
+	;;
+    esac
+    ${IP} link del dev ${IFACE}
+    ;;
+esac
-- 
2.10.2
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Mon Nov 21 2016 - 14:03:02 GMT