~alpine/aports

This thread contains a patchset. You're looking at the original emails, but you may wish to use the patch review UI. Review patch

[alpine-aports] [PATCH] community/wireguard: new aport

Johannes Matheis <jomat+alpinebuild@jmt.gr>
Details
Message ID
<20161121140302.12183-1-jomat+alpinebuild@jmt.gr>
Sender timestamp
1479736982
DKIM signature
missing
Download raw message
Patch: +154 -0
https://www.wireguard.io/
WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography
---
 community/wireguard/APKBUILD           | 66 ++++++++++++++++++++++++++++++++++
 community/wireguard/README.alpine      | 36 +++++++++++++++++++
 community/wireguard/wg_example.conf    |  7 ++++
 community/wireguard/wireguard.ifupdown | 45 +++++++++++++++++++++++
 4 files changed, 154 insertions(+)
 create mode 100644 community/wireguard/APKBUILD
 create mode 100644 community/wireguard/README.alpine
 create mode 100644 community/wireguard/wg_example.conf
 create mode 100755 community/wireguard/wireguard.ifupdown

diff --git a/community/wireguard/APKBUILD b/community/wireguard/APKBUILD
new file mode 100644
index 0000000..78d56cf
--- /dev/null
+++ b/community/wireguard/APKBUILD
@@ -0,0 +1,66 @@
# Contributor: Johannes Matheis <jomat+alpinebuild@jmt.gr>
# Maintainer: Johannes Matheis <jomat+alpinebuild@jmt.gr>
pkgname=wireguard
pkgver=0.0.20161116.1
pkgrel=0
pkgdesc="WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography"
url="https://www.wireguard.io/"
arch="all"
license="GPL"
depends=""
makedepends="linux-headers linux-grsec-dev libmnl-dev"
install=""
subpackages="$pkgname-doc $pkgname-tools $pkgname-kmod"
source="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-experimental-${pkgver}.tar.xz
	wireguard.ifupdown
	README.alpine
	wg_example.conf"
builddir="$srcdir/WireGuard-experimental-${pkgver}/src/"

prepare() {
	local i
	cd "$builddir"
	for i in $source; do
		case $i in
		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
		esac
	done
}

build() {
	cd "$builddir"
	make KCFLAGS=-fno-pie || return 1
}

package() {
	depends="wireguard-tools wireguard-module"
	cd "$builddir"
	make DESTDIR="$pkgdir" INSTALL_MOD_PATH="$pkgdir" install || return 1
	install -D -m600 $srcdir/wg_example.conf $pkgdir/usr/share/doc/wireguard/wg_example.conf || return 1
	install -D -m644 $srcdir/README.alpine $pkgdir/usr/share/doc/wireguard/README.alpine || return 1
}

tools() {
	install -d -m700 $subpkgdir/etc/wireguard || return 1
	install -D -m755 $srcdir/wireguard.ifupdown $subpkgdir/etc/network/if-pre-up.d/wireguard || return 1
	install -D -m755 $srcdir/wireguard.ifupdown $subpkgdir/etc/network/if-post-down.d/wireguard || return 1
        mv $pkgdir/usr $subpkgdir
}

kmod() {
	install -d -m755 $subpkgdir
	mv $pkgdir/lib $subpkgdir
}

md5sums="031f76e990a649b6ab0185ad9848f88c  WireGuard-experimental-0.0.20161116.1.tar.xz
fa5fff08d09f53469ee0380b75b1ebc1  wireguard.ifupdown
f0c50dbbed58dbf7ff823da41427f65a  README.alpine
b3e9f999dbaf32d063a75479e9ebbc87  wg_example.conf"
sha256sums="730d9d919e1942cf83e59dcb8c6ee6ac6696c62ce363c4802474774a5db8238d  WireGuard-experimental-0.0.20161116.1.tar.xz
da6b51d3b78daf67069b24eb43c968b50eb3e39bcb0d23c192540ff6cbe02fef  wireguard.ifupdown
59104dd25feaaf2a59d126bdae038a3a92317a18daa5be363d96e97426e0885a  README.alpine
549c94588eb42656c6af7e84c1e4a2011f202500a95a6e520042ab6cbf32debf  wg_example.conf"
sha512sums="abfe4e973ea5f829e90c929994f359fcc814a72d8fd92274a0921d5756ecee8b1c8e3a7b0d97947ae37915f4c7437c1cdee59ff88dc53d124fbb1a6d1f22e8d8  WireGuard-experimental-0.0.20161116.1.tar.xz
582d451969c7987af5af3682ed672b9734ccb033362c0b0bbd80f49f28ef241efb3c4e4a1dfe8ee1d58b24ce1cdbbc74c6342d48a89b749e4b3aa6a10931d9cb  wireguard.ifupdown
7d3cd33eaf0cfe1b4514aa665288a441a356ffd4d042e68c72b0bd6a0b8ab7b7ab5e195471b286a28e6613fe0a7fd507bf19c6db563e123da07dcaee4ca71647  README.alpine
9e6ce4d394d606e5d5485bd746f00de17eab42c939e9b7173ef7237003e43f4a5586634a6425fe8d3f473bf72131d60f9ed30f4dc9a65bd244b1e08a06575ce0  wg_example.conf"
diff --git a/community/wireguard/README.alpine b/community/wireguard/README.alpine
new file mode 100644
index 0000000..cacfaed
--- /dev/null
+++ b/community/wireguard/README.alpine
@@ -0,0 +1,36 @@
Using the experimental WireGuard VPN and encrypted network tunnel
==================================================================

WireGuard is still in experimental stages. Please use caution!

Check https://www.wireguard.io/ for information that isn't
specific to Alpine Linux.


Configure wireguard interfaces in /etc/network/interfaces:

iface wg_example inet static
  wg_config /etc/wireguard/wg_example.conf
  wg_update_conf false
  address 10.23.42.1
  netmask 255.255.255.0
  [...]


Any interface names starting with 'wg' will be treated as
wireguard interfaces. To use a different name, set at least
one of the optional wg_ variables:

wg_config
  Defaults to /etc/wireguard/$IFNAME.conf
  Specifies a different config file for the tunnel, see
  also wg_example.conf

wg_update_conf
  Defaults to false
  Update config file upon taking down the interface
  This can be useful for roaming endpoints

wg_ignore
  Default to false
  Set to true if this isn't a wireguard interface
diff --git a/community/wireguard/wg_example.conf b/community/wireguard/wg_example.conf
new file mode 100644
index 0000000..fbaac19
--- /dev/null
+++ b/community/wireguard/wg_example.conf
@@ -0,0 +1,7 @@
[Interface]
PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=
ListenPort = 41414

[Peer]
PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=
AllowedIPs = 10.192.122.3/32, 10.192.124.1/24
diff --git a/community/wireguard/wireguard.ifupdown b/community/wireguard/wireguard.ifupdown
new file mode 100755
index 0000000..3509977
--- /dev/null
+++ b/community/wireguard/wireguard.ifupdown
@@ -0,0 +1,45 @@
#!/bin/sh
IP=/sbin/ip
WG=/usr/bin/wg
MV=/bin/mv
MKTEMP=/bin/mktemp

case ${IF_WG_IGNORE} in
  yes|true|1) exit 0;;
esac

if [ "${IFACE#wg*}" == "$IFACE" \
  -a -z "${IF_WG_CONFIG}" \
  -a -z "${IF_WG_UPDATE_CONF}" \
  -a -z "${IF_WG_IGNORE}" ]
then
  exit 0
fi

: ${IF_WG_CONFIG:=/etc/wireguard/${IFACE}.conf}

case ${PHASE}
in
  pre-up)
    if [ ! -f ${IF_WG_CONFIG} ]
    then
      echo "WireGuard config file ${IF_WG_CONFIG} not found." >&2
      exit 1
    fi
    ${IP} link add dev ${IFACE} type wireguard
    ${WG} setconf ${IFACE} ${IF_WG_CONFIG}
    ;;
  post-down)
    case ${IF_WG_UPDATE_CONF}
    in
      yes|true|1)
        echo "Updating ${IF_WG_CONFIG}"
	umask 077
	TMPFILE=$(${MKTEMP})
        ${WG} showconf ${IFACE} > ${TMPFILE}
	${MV} ${TMPFILE} ${IF_WG_CONFIG}
	;;
    esac
    ${IP} link del dev ${IFACE}
    ;;
esac
-- 
2.10.2



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---
Reply to thread Export thread (mbox)